Error 80040e37 when attempting to bind to AD via LDAP

[Guest]

We are developing a new intranet app based on ASP, IIS and AD in VB6. If the program tries to bind to AD either via GetObject or via ADO then we get error 80040e37 (invalid AD path) unless
1. client is localhost (the IIS and IE run on the same machine) o
2. username and password are explicitly supplied to the connectio
3. test is run on a live domain controlle

IIS uses windows authentication, client usernames are authenticated correctly. Both test server (not domain controller) and live AD controller have SP4 installed, the test server, however has several newer pathces installed as well. That's the only difference we have found between the two servers.

 

[Matjaz Ladava [MVP]]

can you post the part of code that connects to the AD ?

--

Regards

Matjaz Ladava, MCSA, MCSE, MCT, MVP
Microsoft MVP Windows Server - Active Directory
(e-mail address removed), (e-mail address removed)

 

[Joe Richards [MVP]]

Most likely the issue is authentication. You can't pass credentials from the IIS
Server to the DC to do the LDAP query normally. Kerberos can allow this but you
need to make the computer object to be trusted for delegation. This allows the
tickets to be created for the computer to be used by the computer on behalf of
the user.

Generally it is better to have a COM+ application that IIS calls to have it go
get the data from AD. Then you set up the ID to be used inside of COM+.

joe