Unable to display the user selection dialog (null)

S

Shawn Fessenden

Yes, I know it looks familiar :)

Windows 2000 Professional
IIS 5
MSBSA 1.2
IIS Lockdown

After running IIS Lockdown and following the suggestions of the BSA, I can
no longer add accounts to the security dialog for any object. I've done my
homework and found several suggestions for curing this problem, but none
work. I've reversed the suggestions of the BSA and that didn't work. I
uninstalled and reinstalled IIS and that didn't work. I followed all the
directions I could find about this problem (even MS's instructions in the KB
article about this problem) all to no avail.

My problem is that I have a CGI application that uses MAPI, and in order for
that to happen I have to give the IIS login account access to
HKEY_CURRENT_USER. I can't do that. The CGI app is mine. In the mean time,
can I use CreateProcessAsUser from it?

Please, somebody, throw me a bone.
-SHAWN-
(e-mail address removed)
 
S

Shawn Fessenden

SOLVED!
David Dickinson
Click to expand...

David, thank you for your help - your prompt for more information led me to
search the net again, and I found a fix.

I have no idea why it makes a difference or what messed things up, but the
HKEY_CLASSES_ROOT\LDAP key was missing. I was led to this key by a posting
to whatismyipaddress.com:
http://www.whatismyipaddress.com/fo...plyQuote&REPLY_ID=887&TOPIC_ID=402&FORUM_ID=8

User "cleverett" posted the crucial clue. This article also references KB
article:

http://support.microsoft.com/default.aspx?scid=kb;en-us;269489

entitled "Missing HKEY_CLASSES_ROOT\LDAP\Clsid Registry Key Causes Numerous
Errors. I then found that the whole LDAP key was missing. I checked another
of my Windows 2000 computers and found the following:

HKEY_CLASSES_ROOT\LDAP:
(Default), REG_SZ, URL:LDAP Protocol
EditFlags, REG_BINARY, 02 00 00 00
URL Protocol, REG_SZ, ""

HKEY_CLASSES_ROOT\LDAP\Clsid
(Default), REG_SZ, {228D9A81-C302-11df=9AA4-00AA004A5691}

HKEY_CLASSES_ROOT\LDAP\shell
(Default}, REG_SZ, (value not set)

HKEY_CLASSES_ROOT\LDAP\shell\open
(Default), REG_SZ, (value not set)

HKEY_CLASSES_ROOT\LDAP\shell\open\command
(Default), REG_SZ, "C:\Program Files\Outlook Express\wab.exe" /ldap:%1

For those who don't know, LDAP stands for Lightweight Directory Access
Protocol. I can't imagine why this is necessary for the GUI ACL add to work,
but apparently it is.

Thank you to all for considering my problem, and especially thank you again
David who was the only one to respond.
-SHAWN-
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Unable to display the user selection dialog (null) 4
Unable to display selection dialog (null) 1
Error: Unable to display the user selection dialog. (null) 3
unable to display the user selection dialog 1
Windows XP Unable to display the user selection dialog. (null )IN WIXPSP2 1
Unable to display the user selection dialog (null) 1
Unable to load profile outside the domain 1
Unable to generate a temporary class 2

Top