Willy Denoyette said:
Mike said:
I'm trying to use the DirectorySearcher.FindOne() method to get the display name of the current user. The code runs on a server behind a web service. Everything works fine when I run it on my local machine but the FindOne() method fails when I deploy it to the server. I'm at a loss and any help would be appreciated.
This is the code that works on my local machine but not on the server.
DirectorySearcher search = new DirectorySearcher("LDAP://RootDSE");
search.Filter = String.Format("(SAMAccountName=" + m_UserName + ")");
search.PropertiesToLoad.Add("displayName");
SearchResult result = search.FindOne(); // This fails on the server
m_DisplayName = result.Properties["displayname"][0] == null ? "" : result.Properties["displayname"][0].ToString();
LDAP://RootDSE means that you are binding to the root of the current user's login domain. That means that this can only be used when your application runs in a domain account on the server.
Willy.
I get the same results even if I use "LDAP://DC=company_name,DC=local".
Everything is running in Windows Authentication so we do have the user's token.
No, specifying this will try to bind to the "login domain" of the current
user, when the current user is not logged-in to a domain, you have to
specify the "domain name" you want to bind to.
LDAP://domain/dc=...;
or the name of the "domain controller":
LDAP://dc/dc=...;
Willy.
Everything is running in the same domain, we don't allow any outside access.
I've tried using LDAP with the domain and without but I still get the same problem.
Is this the only way to get the display name of the user or is there another approach I can take?
What problem? Any exception message perhaps?
You need to bind using the "Domain name" or "DC server" name, and you need to specify explicit credentials and the authentication type. Also, you need to be sure that the "domain name" and/or the "dc server name" can be resolved through a DNS lookup; if you are not sure it's the case, you can try using the IP address of the DC.
("LDAP://domainName/cn=...,dc=...,dc=...", "domainuser", "hispwd", AuthenticationTypes.ServerBind);
or...
("LDAP://DCName/cn=...,dc=...,dc=...", "domainuser", "hispwd", AuthenticationTypes.ServerBind);
Note that it doesn't matter whether you run in a single domain or not, this
is something YOU know, but not the ADSI client code.
Willy.
If I understand you correctly, I need to use a different account to
communicate with the DC instead of the current user. If not, I'm not sure
how to resolve this because I don't know the password for the user.
This is the error I get.
************** Exception Text **************
System.Web.Services.Protocols.SoapException: Server was unable to process request. ---> An operations error occurred.
at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
at WS.GetList() in C:\Project\Web References\WS\Reference.cs:line 760
at frm.LoadForm() in C:\Project\frm.cs:line 30
at frm.frm_Load(Object sender, EventArgs e) in C:\Project\frm.cs:line 499
at System.EventHandler.Invoke(Object sender, EventArgs e)
at System.Windows.Forms.Form.OnLoad(EventArgs e)
at System.Windows.Forms.Form.OnCreateControl()
at System.Windows.Forms.Control.CreateControl(Boolean fIgnoreVisible)
at System.Windows.Forms.Control.CreateControl()
at System.Windows.Forms.Control.WmShowWindow(Message& m)
at System.Windows.Forms.Control.WndProc(Message& m)
at System.Windows.Forms.ScrollableControl.WndProc(Message& m)
at System.Windows.Forms.ContainerControl.WndProc(Message& m)
at System.Windows.Forms.Form.WmShowWindow(Message& m)
at System.Windows.Forms.Form.WndProc(Message& m)
at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)
at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)
at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)