Error using LDAP - An Operation Error occurred


Jay

Hi,

This is Jay Mehta. I have this problem when using LDAP. I extract names
and EmailId's of all those present from LDAP and populate in a
datagrid.

Now when run locally, it is running properly. But when put on the Web
Server and accessed from client machines, it is giving the
Error as "An Operation Error Occurred".

It is running properly even when running on webserver directly. But
only while accessing from Client Machines it is throwing that
Exception.

The code I am using is:

// Requires: using System.Data; using System.DirectoryServices;
// "Domainname" is a placeholder for the real domain component.
System.DirectoryServices.DirectoryEntry root = new
    System.DirectoryServices.DirectoryEntry("LDAP://dc=Domainname,dc=com");

System.DirectoryServices.DirectorySearcher oSearcher = new
    System.DirectoryServices.DirectorySearcher(root);

oSearcher.ReferralChasing =
    System.DirectoryServices.ReferralChasingOption.All;

oSearcher.PropertiesToLoad.Add("mail");
oSearcher.PropertiesToLoad.Add("Name");
int count = 0;
oSearcher.Filter = "(&(objectcategory=user)(mail=*))";
System.DirectoryServices.SearchResultCollection oResult = null;
try
{
    oResult = oSearcher.FindAll();
    foreach (SearchResult osearchres in oResult)
    {
        try
        {
            // ds is the page's DataSet, created elsewhere with
            // "Email" and "Name" columns in its first table.
            DataRow dr;
            dr = ds.Tables[0].NewRow();
            dr["Email"] = osearchres.Properties["mail"][0].ToString();
            dr["Name"] = osearchres.Properties["name"][0].ToString();
            // Add the row to the same table that created it.
            ds.Tables[0].Rows.Add(dr);
            count = count + 1;
        }
        catch (Exception)
        {
            throw; // rethrow without resetting the stack trace
        }
    }
    DataGrid1.DataSource = ds;
    DataGrid1.DataBind();
    DataGrid1.Visible = true;
    Session["ActiveDirectoryListing"] = ds;
}
catch (Exception)
{
    throw; // rethrow without resetting the stack trace
}
finally
{
    // SearchResultCollection holds unmanaged resources.
    if (oResult != null) oResult.Dispose();
}



Just want to know if there are any security settings that need to be
done on the webserver.

Any help would be highly appreciated.

Thanks,
Jay
 
Guess you have a security issue due to the multi-hop architecture
(clientmachine-webserver-LDAP server). One way to solve this is by
specifying fixed explicit credentials (see DirectoryEntry overload that
takes credentials) when binding to the LDAP server. For security's sake, store
the (encrypted) credentials in a safe place and use role based security to
control access to the LDAP.
Another (and more secure) option is to move this code to COM+ as a server
type application that runs with fixed credentials. Here again you can apply
roles to implement fine-grained security access control and auditing.

Willy.

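The explicit-credentials bind suggested in the reply above, as an added example (not code from either poster). The class name, method name and the three parameters are hypothetical; the caller is assumed to read the service account's credentials from a protected store before calling it.

```csharp
using System.Data;
using System.DirectoryServices;

public static class DirectoryListing
{
    // ldapPath, serviceUser and servicePassword are hypothetical parameters; the caller
    // loads them from a protected store (for example an encrypted configuration section).
    public static DataTable LoadMailUsers(string ldapPath, string serviceUser, string servicePassword)
    {
        DataTable table = new DataTable("Users");
        table.Columns.Add("Name", typeof(string));
        table.Columns.Add("Email", typeof(string));

        // Bind with explicit credentials rather than the impersonated browser user, whose
        // token cannot be forwarded from the web server to the directory server.
        // Secure requests Kerberos/NTLM; Signing and Sealing protect the LDAP traffic.
        AuthenticationTypes auth = AuthenticationTypes.Secure
                                 | AuthenticationTypes.Signing
                                 | AuthenticationTypes.Sealing;

        using (DirectoryEntry root = new DirectoryEntry(ldapPath, serviceUser, servicePassword, auth))
        using (DirectorySearcher searcher = new DirectorySearcher(root))
        {
            searcher.Filter = "(&(objectCategory=user)(mail=*))";
            searcher.PropertiesToLoad.Add("mail");
            searcher.PropertiesToLoad.Add("name");
            searcher.PageSize = 500; // paged search, so results are not cut off at the server limit

            // SearchResultCollection holds unmanaged resources and must be disposed.
            using (SearchResultCollection results = searcher.FindAll())
            {
                foreach (SearchResult result in results)
                {
                    // Skip entries that lack either attribute instead of indexing blindly.
                    if (result.Properties["mail"].Count == 0 || result.Properties["name"].Count == 0)
                        continue;
                    table.Rows.Add(result.Properties["name"][0].ToString(),
                                   result.Properties["mail"][0].ToString());
                }
            }
        }
        return table;
    }
}
```

The service account needs only read access to the attributes being listed, which keeps the stored credential low in value if it is ever exposed.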
 
Hi, Thanks for the reply.

Now I have found something new. It's not that this error occurs
every time. Sometimes I do get the list after retrying 10-20 times. But
most of the time it is a failure.
So this means that there is no issue with Permissions or security. But
what the problem is I am not able to figure out.


Waiting for reply,
Thanks
Jay.
 