DirectoryEntry properties in ASP.NET

DirectoryEntry properties in ASP.NET

Post by hfle » Thu, 15 May 2003 15:28:53



Hi,

            I have some problem with some VB.Net development using
system.directoryservices and I was hoping that someone could help me out.
The details are as follows:

I have t his snippet of code:

        Dim UserSearcher As DirectorySearcher

        Dim UserResult As SearchResult

        Dim Userentry As DirectoryEntry

        UserSearcher = New DirectorySearcher(LDAP://DC=LOCALDOMAIN)


        UserResult = UserSearcher.FindOne()

        If Not UserResult Is Nothing Then

            UserEntry = UserResult.GetDirectoryEntry

            UserEntry.UsePropertyCache = True

        End If

        TextBox1.Text = Userentry.Properties("userPrincipalName").Value


returns its userPrincipalName.

Condition 1)

Code is run in a local windows application. User is logged onto the PC using
a Domain Admin account. The value returned is as expected.

Condition 2)

Code is run inside an asp.net page (IIS 5). Authentication is set to
Integrated only (Anonymous disabled). Web.config set to:

<authentication mode="Windows" />

<identity impersonate="true"/>

User is logged into the aspx page using a Domain Admin account. The page
returns the following error:

The Active Directory datatype cannot be converted to/from a native DS
datatype
Description: An unhandled exception occurred during the execution of the
current web request. Please review the stack trace for more information
about the error and where it originated in the code.

Exception Details: System.Runtime.InteropServices.COMException: The Active
Directory datatype cannot be converted to/from a native DS datatype

The web server is a member server (Windows 2000 Server SP1) of the
LOCALDOMAIN (AD) domain.

The same error happens for "samAccountName" property but I can get other
properties like "cn" and "accountExpires".

Thanks,
Lee

 
 
 

DirectoryEntry properties in ASP.NET

Post by Joe Kapla » Fri, 16 May 2003 00:05:44


This sounds like the classic "impersonation/delegation scenario isn't
working" error.  You can discover this quickly by trying to do a server bind
to specific server and passing in credentials to the DirectoryEntry you use
for your SearchRoot property.  If that works, but the code below doesn't,
then that is your problem.

MS has written a fairly extensive technote about these types of errors that
you should probably read:

http://support.microsoft.com/default.aspx?scid=kb;en-us;329986

The answer may be that you either need to enable delegation for all of the
users who will use the application and for the machine accounts for the
server that the application runs on, or you may need to pass in explicit
credentials.

Joe K.


> Hi,

>             I have some problem with some VB.Net development using
> system.directoryservices and I was hoping that someone could help me out.
> The details are as follows:

> I have t his snippet of code:

>         Dim UserSearcher As DirectorySearcher

>         Dim UserResult As SearchResult

>         Dim Userentry As DirectoryEntry

>         UserSearcher = New DirectorySearcher(LDAP://DC=LOCALDOMAIN)


>         UserResult = UserSearcher.FindOne()

>         If Not UserResult Is Nothing Then

>             UserEntry = UserResult.GetDirectoryEntry

>             UserEntry.UsePropertyCache = True

>         End If

>         TextBox1.Text = Userentry.Properties("userPrincipalName").Value


> returns its userPrincipalName.

> Condition 1)

> Code is run in a local windows application. User is logged onto the PC
using
> a Domain Admin account. The value returned is as expected.

> Condition 2)

> Code is run inside an asp.net page (IIS 5). Authentication is set to
> Integrated only (Anonymous disabled). Web.config set to:

> <authentication mode="Windows" />

> <identity impersonate="true"/>

> User is logged into the aspx page using a Domain Admin account. The page
> returns the following error:

> The Active Directory datatype cannot be converted to/from a native DS
> datatype
> Description: An unhandled exception occurred during the execution of the
> current web request. Please review the stack trace for more information
> about the error and where it originated in the code.

> Exception Details: System.Runtime.InteropServices.COMException: The Active
> Directory datatype cannot be converted to/from a native DS datatype

> The web server is a member server (Windows 2000 Server SP1) of the
> LOCALDOMAIN (AD) domain.

> The same error happens for "samAccountName" property but I can get other
> properties like "cn" and "accountExpires".

> Thanks,
> Lee


 
 
 

1. ASP.net: problem getting DirectoryEntry

Hi all!

In one of my asp.net pages I'd like to access an OU and add oder modify some
users. I'm creating a DirectoryEntry object as follows:
DirectoryEntry AD = new DirectoryEntry(LDAP://ou=MyOU,dc=myDomain,dc=net);

If I have a look at the variable 'AD' in my debugger I can see that its
properties are not filled which means that there was an error. If I use the
same line of code within a C# console application it works without problems.
So what might be the problem in asp.net?
Thanks in advance

Markus

2. Wuarchive going down for a short time

3. Problem with DirectoryEntry.MoveTo in ASP.NET...

4. Consultant Programmer

5. set password using asp.net w/ vb.net?

6. Call Progress Detection: What works?

7. ADSI in ASP and ASP.NET problem

8. Reposting of 15, 23, 24, 33a, 35, 37, and 38

9. Sharepoint Architects / Developers - C#, ASP.NET

10. Running ASP.NET apps on SPS v1 -- where to store them ??

11. error message with beta 2 ASP.NET ??

12. Checking out documents in ASP.NET

13. Work with SPS from ASP.NET