active directory search doesn't work

I

Ivan G.

Hi.

I'm trying to search active directory for users like this:

DirectoryEntry entry = new DirectoryEntry(); //use default domain

DirectorySearcher searcher = new DirectorySearcher(entry,
"(|(objectclass=person)(objectclass=user))");

SearchResultCollection result = searcher.FindAll();

foreach(SearchResult r in result)

{

....

But it finds nothing when calling from web service. When doing the same from
normail application result are what expected. Why?

Thanx.
 
A

Arild Bakken

The webservice is probably running under the local IUSR_ or IWAM_ accounts
on the webserver, and that account does not have access to query the
directory.

Specify a username and password to use in the search by specifying that for
the searchroot DirectoryEntry (entry object in your sample).


Arild
 
I

Ivan G.

Hi, Arild!
You wrote on Thu, 19 Aug 2004 12:37:23 +0200:

Thanks after i specify domain username and password it works fine. But what
can I do to query directory without specifying any password (easy deployment
needed).

AB> Specify a username and password to use in the search by specifying that
AB> for the searchroot DirectoryEntry (entry object in your sample).

AB> Arild

AB> ??>> Hi.
??>>
??>> I'm trying to search active directory for users like this:
??>>
??>> DirectoryEntry entry = new DirectoryEntry(); //use default domain
??>>
??>> DirectorySearcher searcher = new DirectorySearcher(entry,
??>> "(|(objectclass=person)(objectclass=user))");
??>>
??>> SearchResultCollection result = searcher.FindAll();
??>>
??>> foreach(SearchResult r in result)
??>>
??>> {
??>>
??>> ...
??>>
??>> But it finds nothing when calling from web service. When doing the
??>> same from normail application result are what expected. Why?
??>>
??>> Thanx.
??>>

Me.
 
A

Arild Bakken

Personally I use the .config file to store an encrypted version of the
username and password to use.

I you could get the webservice to run under a different useraccount (web
application pool in Win2003 server.) You may then be able to specify a
domain account for this apppool, and then that account would be used when
talking to the DC.

Another (but not recommended way) would be to open for anonymous access to
AD.


Arild
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

unhandled exeption of type 'System.Runtime.InteropServices.COMException' in system directoryservices 5
System.DirectoryServices questions 4
Trying to get a name from Active Directory with DirectoryServices 4
Active Directory 6
How to enumerate all the printers on the network 3
Directory Services - searching for users/groups 2
Searching a Specific OU... 2
Howto get just servers from Active Directory 7

Top