AD in Web Application

[MDS]

All,

I want to retrieve Users from my AD via a Web appliction. I ran this script
to populate a combobox in a normal app and it works...
But when I use this script in a Web App it fails
Any Idea Why?

Marc
Dim entry As New
DirectoryServices.DirectoryEntry("LDAP://DC=PROD,DC=TELENET,DC=BE")

Dim mySearcher1 As New System.DirectoryServices.DirectorySearcher(entry)

Dim result As System.DirectoryServices.SearchResult

Dim oValue As New ArrayList

Dim mySearcher

For Each result In mySearcher.FindAll()

oValue.Add(Microsoft.VisualBasic.Right(result.GetDirectoryEntry().Name,
Len(result.GetDirectoryEntry().Name) - 3))

Next

User1.DataSource = oValue

User1.Visible = True

 

[CJ Taylor]

All,

I want to retrieve Users from my AD via a Web appliction. I ran this script
to populate a combobox in a normal app and it works...
But when I use this script in a Web App it fails
Any Idea Why?

Marc
Dim entry As New
DirectoryServices.DirectoryEntry("LDAP://DC=PROD,DC=TELENET,DC=BE")

Dim mySearcher1 As New System.DirectoryServices.DirectorySearcher(entry)

Dim result As System.DirectoryServices.SearchResult

Dim oValue As New ArrayList

Dim mySearcher

For Each result In mySearcher.FindAll()

should this by MySearcher1?

 

[Cor]

Hi MDS,

This kind of errors is mostly because the aspnet user has (fortunatly) no
rights on the server resources.

But it is a gues,

Cor

 

[Philip Rieck]

By default your web application will run under the machine account, which
has no network privledges. You could either specify a username and password
that has rights to access that LDAP root when you create "entry" (see the
overloads for the DirectoryEntry constructor to pass credentials), or - you
could use impersonation in your web app. (do this only if people hitting it
will be from an internal network, on your local domain).

To pass in credentials:
Dim entry As New
DirectoryServices.DirectoryEntry("LDAP://DC=PROD,DC=TELENET,DC=BE",
"userLogin", "Password")

To enable impersonation, in your web.config file, add this in the
<system.web> config section:
<identity impersonate="true"/>

(the impersonate key would also allow you to impersonate a specific user for
that web application. See the docs for more information on asp.net's
identity tag, or this kb article
http://support.microsoft.com/default.aspx?kbid=306158)

 

[MDS]

Your right...
Sorry...

should this by MySearcher1?

 

[MDS]

Philip, Adding that gives me an error...
Also when I use LDAP://dcrod,dc=telenet,dc=be" then it gives an error
while running. When I use "LDAP://"servername" it doesn't...Any Idea? I'm
very new to VB.net, but have a lot experience in VBS

Marc

 

[MDS]

And how do we fix this?

 

[Cor]

Hi,

You did get some answers I saw, but I never give answers accoording to
change the security downwards.

But there is a special newsgroup for this

microsoft.public.dotnet.security

Cor

 

[MDS]

Thx Cor, Next time i'll post it there...but in the meantime...would you be
so kind to help me?

Marc

 

[Philip Rieck]

What error does that give you ? (note that username and password should be a
user that has credentials to that LDAP directory - try your own if you can
get it to work locally)

Your first LDAP string should search the default domain, while the second
looks at a particular server. Unfortunately, I am not an LDAP guru, and
can't really help you on that. I have to flop about in order to get LDAP
strings right myself.

Did you try the impersonation avenue at all?

 

[CJ Taylor]

No need to apoligize dude. =)

If I had a nickel for every time I made a typo like that... I'd have a sh...
well... lets just say enough that I wouldn't be spending my time on here. =)

Eh... who am I kidding, I'd be here no matter how much money I had...

 

[MDS]

OK, problem solved...
Its was not AD related....
Thx anyway, stil a lot of questions, so you see me arround....;-)

1000 THX, without your help I couldn't get it to work.

Marc

 

[Peter Huang]

Hi Marc,

I am glad that the problem has been resolved.

If you have any concern on this issue, please post here.

Regards,
Peter Huang
Microsoft Online Partner Support
Get Secure! www.microsoft.com/security
This posting is provided "as is" with no warranties and confers no rights.