Here is what I am doing:
1. I have an asp.net application which uses forms authentication.
2. All my users are in active directory [userId, password entered in the
login form should match userId and password in AD].
3. I use the Windows LogonUser call to authenticate the user.
4. After authenticating the user, I would like to do some active directory
5. Since my asp.net application is running under the ASPNET account, I have
a couple of choices to authenticate this user to do AD operations.
Choice (1): Impersonate as the user in AD and do AD operation.
Choice (2): Pass in userId, password credentials to DirectoryEntry
constructor every time.
I find that choice (2) works, but choice (1) doesn't. I am able to
impersonate successfully using the token from LogonUser, but any calls
to add objects to AD give me the following exception:
Unhandled Exception: System.Runtime.InteropServices.COMException
(0x80005000):Unknown error (0x80005000).
Can someone tell me what I am doing wrong?