losing connection to Active Directory

G

Guest

I have web application that quaries the Active Directory to get user
details.. everything works fine but someday I'll get
System.Runtime.InteropServices.COMExection and if I restart the client
machine then it works again.

here is one of the method where am calling the AD

public bool UserExist(string UserName)
{

DirectoryEntry de = new
DirectoryEntry(ConfigurationSettings.AppSettings["ADPath"]);
DirectorySearcher ds = new DirectorySearcher(de);
ds.Filter = ("ObjectCategory=user");
ds.Filter = ("samaccountname="+ UserName + "");
SearchResult result = ds.FindOne();
bool UserExist;
if(result != null)
{
UserExist = true;
}
else
{
UserExist = false;
}
return UserExist;
}

Please help
 
N

Nick Malik [Microsoft]

COM exception is the type of error, not the error itself. Please post the
error itself...
And put a Try-Catch around your code!

It's probably an error with the parameters.

--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster
http://blogs.msdn.com/nickmalik

Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.
 
G

Guest

Nick thanks for your response.. the error message is shown below. Am trying
to get Email Address, Displayname from the active directory passing username
as the parameter.. do you think my method is wrong?? please help.. many
thanks again

[COMException (0x80072020): An operations error occurred]
System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail) +705
System.DirectoryServices.DirectoryEntry.Bind() +10
System.DirectoryServices.DirectoryEntry.get_AdsObject() +10
System.DirectoryServices.DirectorySearcher.FindAll(Boolean
findMoreThanOne) +199
System.DirectoryServices.DirectorySearcher.FindOne() +31
frs.ActiveDirectory.getUserDetails(String UserName) in
c:\inetpub\wwwroot\buildingservices\frs\classes\activedirectory.cs:57
frs.request.Page_Load(Object sender, EventArgs e) in
c:\inetpub\wwwroot\buildingservices\frs\request.aspx.cs:50
System.Web.UI.Control.OnLoad(EventArgs e) +67
System.Web.UI.Control.LoadRecursive() +35
System.Web.UI.Page.ProcessRequestMain() +750



Nick Malik said:
COM exception is the type of error, not the error itself. Please post the
error itself...
And put a Try-Catch around your code!

It's probably an error with the parameters.

--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster
http://blogs.msdn.com/nickmalik

Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.
--
huzz said:
I have web application that quaries the Active Directory to get user
details.. everything works fine but someday I'll get
System.Runtime.InteropServices.COMExection and if I restart the client
machine then it works again.

here is one of the method where am calling the AD

public bool UserExist(string UserName)
{

DirectoryEntry de = new
DirectoryEntry(ConfigurationSettings.AppSettings["ADPath"]);
DirectorySearcher ds = new DirectorySearcher(de);
ds.Filter = ("ObjectCategory=user");
ds.Filter = ("samaccountname="+ UserName + "");
SearchResult result = ds.FindOne();
bool UserExist;
if(result != null)
{
UserExist = true;
}
else
{
UserExist = false;
}
return UserExist;
}

Please help
Click to expand...
Click to expand...
 
N

Nick Malik [Microsoft]

The active directory is a protected resource. Therefore, the only people
who have the right to see it are people who are in it. This means you won't
get an empty return set from your query... you'll get an error on Bind
(which you did) because an account that doesn't have access has no right to
bind.

What authentication mechanism is your app using? Do you allow anonymous
users?

--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster
http://blogs.msdn.com/nickmalik

Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.
--
huzz said:
Nick thanks for your response.. the error message is shown below. Am
trying
to get Email Address, Displayname from the active directory passing
username
as the parameter.. do you think my method is wrong?? please help.. many
thanks again

[COMException (0x80072020): An operations error occurred]
System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail) +705
System.DirectoryServices.DirectoryEntry.Bind() +10
System.DirectoryServices.DirectoryEntry.get_AdsObject() +10
System.DirectoryServices.DirectorySearcher.FindAll(Boolean
findMoreThanOne) +199
System.DirectoryServices.DirectorySearcher.FindOne() +31
frs.ActiveDirectory.getUserDetails(String UserName) in
c:\inetpub\wwwroot\buildingservices\frs\classes\activedirectory.cs:57
frs.request.Page_Load(Object sender, EventArgs e) in
c:\inetpub\wwwroot\buildingservices\frs\request.aspx.cs:50
System.Web.UI.Control.OnLoad(EventArgs e) +67
System.Web.UI.Control.LoadRecursive() +35
System.Web.UI.Page.ProcessRequestMain() +750



Nick Malik said:
COM exception is the type of error, not the error itself. Please post
the
error itself...
And put a Try-Catch around your code!

It's probably an error with the parameters.

--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster
http://blogs.msdn.com/nickmalik

Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.
--
huzz said:
I have web application that quaries the Active Directory to get user
details.. everything works fine but someday I'll get
System.Runtime.InteropServices.COMExection and if I restart the client
machine then it works again.

here is one of the method where am calling the AD

public bool UserExist(string UserName)
{

DirectoryEntry de = new
DirectoryEntry(ConfigurationSettings.AppSettings["ADPath"]);
DirectorySearcher ds = new DirectorySearcher(de);
ds.Filter = ("ObjectCategory=user");
ds.Filter = ("samaccountname="+ UserName + "");
SearchResult result = ds.FindOne();
bool UserExist;
if(result != null)
{
UserExist = true;
}
else
{
UserExist = false;
}
return UserExist;
}

Please help
Click to expand...
Click to expand...
Click to expand...
 
G

Guest

Am using "Integrated Windows Authentication", it works fine but sometime the
user requires to log off and log back in to avoid the error message.

I've few other method that calls the AD, only this one causing problem.

Nick Malik said:
The active directory is a protected resource. Therefore, the only people
who have the right to see it are people who are in it. This means you won't
get an empty return set from your query... you'll get an error on Bind
(which you did) because an account that doesn't have access has no right to
bind.

What authentication mechanism is your app using? Do you allow anonymous
users?

--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster
http://blogs.msdn.com/nickmalik

Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.
--
huzz said:
Nick thanks for your response.. the error message is shown below. Am
trying
to get Email Address, Displayname from the active directory passing
username
as the parameter.. do you think my method is wrong?? please help.. many
thanks again

[COMException (0x80072020): An operations error occurred]
System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail) +705
System.DirectoryServices.DirectoryEntry.Bind() +10
System.DirectoryServices.DirectoryEntry.get_AdsObject() +10
System.DirectoryServices.DirectorySearcher.FindAll(Boolean
findMoreThanOne) +199
System.DirectoryServices.DirectorySearcher.FindOne() +31
frs.ActiveDirectory.getUserDetails(String UserName) in
c:\inetpub\wwwroot\buildingservices\frs\classes\activedirectory.cs:57
frs.request.Page_Load(Object sender, EventArgs e) in
c:\inetpub\wwwroot\buildingservices\frs\request.aspx.cs:50
System.Web.UI.Control.OnLoad(EventArgs e) +67
System.Web.UI.Control.LoadRecursive() +35
System.Web.UI.Page.ProcessRequestMain() +750



Nick Malik said:
COM exception is the type of error, not the error itself. Please post
the
error itself...
And put a Try-Catch around your code!

It's probably an error with the parameters.

--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster
http://blogs.msdn.com/nickmalik

Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.
--
I have web application that quaries the Active Directory to get user
details.. everything works fine but someday I'll get
System.Runtime.InteropServices.COMExection and if I restart the client
machine then it works again.

here is one of the method where am calling the AD

public bool UserExist(string UserName)
{

DirectoryEntry de = new
DirectoryEntry(ConfigurationSettings.AppSettings["ADPath"]);
DirectorySearcher ds = new DirectorySearcher(de);
ds.Filter = ("ObjectCategory=user");
ds.Filter = ("samaccountname="+ UserName + "");
SearchResult result = ds.FindOne();
bool UserExist;
if(result != null)
{
UserExist = true;
}
else
{
UserExist = false;
}
return UserExist;
}

Please help
Click to expand...
Click to expand...
Click to expand...
 
N

Nick Malik [Microsoft]

Is this the only one using DirectorySearcher?

--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster
http://blogs.msdn.com/nickmalik

Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.
--
huzz said:
Am using "Integrated Windows Authentication", it works fine but sometime
the
user requires to log off and log back in to avoid the error message.

I've few other method that calls the AD, only this one causing problem.

Nick Malik said:
The active directory is a protected resource. Therefore, the only people
who have the right to see it are people who are in it. This means you
won't
get an empty return set from your query... you'll get an error on Bind
(which you did) because an account that doesn't have access has no right
to
bind.

What authentication mechanism is your app using? Do you allow anonymous
users?

--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster
http://blogs.msdn.com/nickmalik

Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.
--
huzz said:
Nick thanks for your response.. the error message is shown below. Am
trying
to get Email Address, Displayname from the active directory passing
username
as the parameter.. do you think my method is wrong?? please help..
many
thanks again

[COMException (0x80072020): An operations error occurred]
System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
+705
System.DirectoryServices.DirectoryEntry.Bind() +10
System.DirectoryServices.DirectoryEntry.get_AdsObject() +10
System.DirectoryServices.DirectorySearcher.FindAll(Boolean
findMoreThanOne) +199
System.DirectoryServices.DirectorySearcher.FindOne() +31
frs.ActiveDirectory.getUserDetails(String UserName) in
c:\inetpub\wwwroot\buildingservices\frs\classes\activedirectory.cs:57
frs.request.Page_Load(Object sender, EventArgs e) in
c:\inetpub\wwwroot\buildingservices\frs\request.aspx.cs:50
System.Web.UI.Control.OnLoad(EventArgs e) +67
System.Web.UI.Control.LoadRecursive() +35
System.Web.UI.Page.ProcessRequestMain() +750



:

COM exception is the type of error, not the error itself. Please post
the
error itself...
And put a Try-Catch around your code!

It's probably an error with the parameters.

--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster
http://blogs.msdn.com/nickmalik

Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.
--
I have web application that quaries the Active Directory to get user
details.. everything works fine but someday I'll get
System.Runtime.InteropServices.COMExection and if I restart the
client
machine then it works again.

here is one of the method where am calling the AD

public bool UserExist(string UserName)
{

DirectoryEntry de = new
DirectoryEntry(ConfigurationSettings.AppSettings["ADPath"]);
DirectorySearcher ds = new DirectorySearcher(de);
ds.Filter = ("ObjectCategory=user");
ds.Filter = ("samaccountname="+ UserName + "");
SearchResult result = ds.FindOne();
bool UserExist;
if(result != null)
{
UserExist = true;
}
else
{
UserExist = false;
}
return UserExist;
}

Please help
Click to expand...
Click to expand...
Click to expand...
 
G

Guest

I've to more methods using the DirectorySearcher, here is the class

using System;
using System.DirectoryServices;
using System.Configuration;
using System.Collections;
using System.Web.UI;
using System.Drawing;
using System.Data;
using System.IO;
using System.Web;
using intranet.Classes;
namespace intranet
{
/// <summary>
/// Summary description for ldap.
/// </summary>
public class ActiveDirectory
{
public ActiveDirectory()
{
//
// TODO: Add constructor logic here
//

}
/// <summary>
/// This methods checks if a user exist in the Active Directory.
/// </summary>
/// <param name="UserName">Username</param>
/// <returns>bool</returns>
public bool UserExist(string UserName)
{

DirectoryEntry de = new
DirectoryEntry(ConfigurationSettings.AppSettings["ADPath"]);
de.AuthenticationType = AuthenticationTypes.Secure;
try
{
DirectorySearcher ds = new DirectorySearcher(de);
//ds.Filter = ("ObjectCategory=user");
ds.Filter = ("samaccountname="+ UserName + "");

SearchResult result = ds.FindOne();
if(result == null)
{
return false;
}
}
catch(Exception ex)
{
throw new Exception("Error autenticating user." + ex.Message);
}
return true;
}


/// <summary>
/// Method to validate if a user exists in the AD.
/// </summary>
/// <param name="UserName"></param>
/// <returns></returns>
/*
public bool UserExists(string UserName)
{
DirectoryEntry de = ADHelper.GetDirectoryEntry();
DirectorySearcher deSearch = new DirectorySearcher();
deSearch.SearchRoot =de;
deSearch.Filter = "(&(objectClass=user) (cn=" + UserName +"))";
SearchResultCollection results = deSearch.FindAll();
if(results.Count == 0)
{
return false;
}
else
{
return true;
}
}
*/

/// <summary>
/// Gets User details from AD like user firstname, lastname, email etc.
/// </summary>
/// <param name="UserName">username</param>
/// <returns>array</returns>
public string[] getUserDetails(string UserName)
{

DirectoryEntry de = new
DirectoryEntry(ConfigurationSettings.AppSettings["ADPath"]);
de.AuthenticationType = AuthenticationTypes.Secure;
string[] UserInfo = new string[3];

DirectorySearcher ds = new DirectorySearcher(de);
// ds.Filter = ("OU="+ GroupName + "");
ds.Filter = ("ObjectCategory=user");
ds.Filter = ("samaccountname="+ UserName + "");
SearchResult result = ds.FindOne();

try
{
if(result ==null)
{

UserInfo[0] = "Unknown";
UserInfo[1] = "Unknown";
return UserInfo;
}
}
catch(Exception ex)
{
throw new Exception("Error obtaining your details." + ex.Message);

}
UserInfo[0] =
result.GetDirectoryEntry().Properties["displayname"].Value.ToString();
UserInfo[1] =
result.GetDirectoryEntry().Properties["mail"].Value.ToString();
return UserInfo;

}
/// <summary>
/// This method checks if the logged on user is a member of a given
group in Active Directory.
/// Used to restrict access to certain area of the intranet.
/// </summary>
/// <param name="GroupName">Group name in AD</param>
/// <returns>bool</returns>
public bool IsMemberOf(string GroupName)
{

Security NTSecurity = new Security();
string UserName = NTSecurity.getLogonUser();

DirectoryEntry de = new
DirectoryEntry(ConfigurationSettings.AppSettings["ADPath"]);
//DirectoryEntry de = new
DirectoryEntry("LDAP://OU="+GroupName+",DC=amersham,DC=ac,DC=uk",ConfigurationSettings.AppSettings["ADUser"],ConfigurationSettings.AppSettings["ADPass"]);
de.AuthenticationType = AuthenticationTypes.Secure;
try
{
DirectorySearcher ds = new
DirectorySearcher(de,"sAMAccountName="+UserName);
//ds.Filter = ("OU="+ GroupName + "");
//ds.Filter = ("samaccountname="+ UserName + "");
SearchResult result = ds.FindOne();
if(result !=null)
{
return true;
}
}
catch(Exception ex)
{
throw new Exception("Access denied." + ex.Message);
}

return false;
}

}

}







Nick Malik said:
Is this the only one using DirectorySearcher?

--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster
http://blogs.msdn.com/nickmalik

Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.
--
huzz said:
Am using "Integrated Windows Authentication", it works fine but sometime
the
user requires to log off and log back in to avoid the error message.

I've few other method that calls the AD, only this one causing problem.

Nick Malik said:
The active directory is a protected resource. Therefore, the only people
who have the right to see it are people who are in it. This means you
won't
get an empty return set from your query... you'll get an error on Bind
(which you did) because an account that doesn't have access has no right
to
bind.

What authentication mechanism is your app using? Do you allow anonymous
users?

--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster
http://blogs.msdn.com/nickmalik

Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.
--
Nick thanks for your response.. the error message is shown below. Am
trying
to get Email Address, Displayname from the active directory passing
username
as the parameter.. do you think my method is wrong?? please help..
many
thanks again

[COMException (0x80072020): An operations error occurred]
System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
+705
System.DirectoryServices.DirectoryEntry.Bind() +10
System.DirectoryServices.DirectoryEntry.get_AdsObject() +10
System.DirectoryServices.DirectorySearcher.FindAll(Boolean
findMoreThanOne) +199
System.DirectoryServices.DirectorySearcher.FindOne() +31
frs.ActiveDirectory.getUserDetails(String UserName) in
c:\inetpub\wwwroot\buildingservices\frs\classes\activedirectory.cs:57
frs.request.Page_Load(Object sender, EventArgs e) in
c:\inetpub\wwwroot\buildingservices\frs\request.aspx.cs:50
System.Web.UI.Control.OnLoad(EventArgs e) +67
System.Web.UI.Control.LoadRecursive() +35
System.Web.UI.Page.ProcessRequestMain() +750



:

COM exception is the type of error, not the error itself. Please post
the
error itself...
And put a Try-Catch around your code!

It's probably an error with the parameters.

--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster
http://blogs.msdn.com/nickmalik

Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.
--
I have web application that quaries the Active Directory to get user
details.. everything works fine but someday I'll get
System.Runtime.InteropServices.COMExection and if I restart the
client
machine then it works again.

here is one of the method where am calling the AD

public bool UserExist(string UserName)
{

DirectoryEntry de = new
DirectoryEntry(ConfigurationSettings.AppSettings["ADPath"]);
DirectorySearcher ds = new DirectorySearcher(de);
ds.Filter = ("ObjectCategory=user");
ds.Filter = ("samaccountname="+ UserName + "");
SearchResult result = ds.FindOne();
bool UserExist;
if(result != null)
{
UserExist = true;
}
else
{
UserExist = false;
}
return UserExist;
}

Please help
Click to expand...
Click to expand...
Click to expand...
 
N

Nick Malik [Microsoft]

Hello Huzz,

I haven't seen this particular problem before. I need to know exactly what
the user has to do to clear it.

You mentioned that you have to restart the client machine and you've
mentioned logging off and logging on. Does restarting the browser (only)
have any effect?

Do your users tend to connect to your site and stay there for a long period
of time with intermittent activity?

Does this happen when the user first connects to the site, or does it happen
when the user has been using the site for a while?

Does it make a difference in the behavior if the browser is left open to a
spot for 20 or more minutes? (e.g. does this only happen, or never happen,
or more frequently happen, when the session expires at some point during the
time when the user is on your site)?

Can you tell me anything about the people who experience this problem? Are
they using laptops or wireless networks? Is there something unique about
their accounts?


--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster
http://blogs.msdn.com/nickmalik

Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.
--
huzz said:
I've to more methods using the DirectorySearcher, here is the class

using System;
using System.DirectoryServices;
using System.Configuration;
using System.Collections;
using System.Web.UI;
using System.Drawing;
using System.Data;
using System.IO;
using System.Web;
using intranet.Classes;
namespace intranet
{
/// <summary>
/// Summary description for ldap.
/// </summary>
public class ActiveDirectory
{
public ActiveDirectory()
{
//
// TODO: Add constructor logic here
//

}
/// <summary>
/// This methods checks if a user exist in the Active Directory.
/// </summary>
/// <param name="UserName">Username</param>
/// <returns>bool</returns>
public bool UserExist(string UserName)
{

DirectoryEntry de = new
DirectoryEntry(ConfigurationSettings.AppSettings["ADPath"]);
de.AuthenticationType = AuthenticationTypes.Secure;
try
{
DirectorySearcher ds = new DirectorySearcher(de);
//ds.Filter = ("ObjectCategory=user");
ds.Filter = ("samaccountname="+ UserName + "");

SearchResult result = ds.FindOne();
if(result == null)
{
return false;
}
}
catch(Exception ex)
{
throw new Exception("Error autenticating user." + ex.Message);
}
return true;
}


/// <summary>
/// Method to validate if a user exists in the AD.
/// </summary>
/// <param name="UserName"></param>
/// <returns></returns>
/*
public bool UserExists(string UserName)
{
DirectoryEntry de = ADHelper.GetDirectoryEntry();
DirectorySearcher deSearch = new DirectorySearcher();
deSearch.SearchRoot =de;
deSearch.Filter = "(&(objectClass=user) (cn=" + UserName +"))";
SearchResultCollection results = deSearch.FindAll();
if(results.Count == 0)
{
return false;
}
else
{
return true;
}
}
*/

/// <summary>
/// Gets User details from AD like user firstname, lastname, email
etc.
/// </summary>
/// <param name="UserName">username</param>
/// <returns>array</returns>
public string[] getUserDetails(string UserName)
{

DirectoryEntry de = new
DirectoryEntry(ConfigurationSettings.AppSettings["ADPath"]);
de.AuthenticationType = AuthenticationTypes.Secure;
string[] UserInfo = new string[3];

DirectorySearcher ds = new DirectorySearcher(de);
// ds.Filter = ("OU="+ GroupName + "");
ds.Filter = ("ObjectCategory=user");
ds.Filter = ("samaccountname="+ UserName + "");
SearchResult result = ds.FindOne();

try
{
if(result ==null)
{

UserInfo[0] = "Unknown";
UserInfo[1] = "Unknown";
return UserInfo;
}
}
catch(Exception ex)
{
throw new Exception("Error obtaining your details." + ex.Message);

}
UserInfo[0] =
result.GetDirectoryEntry().Properties["displayname"].Value.ToString();
UserInfo[1] =
result.GetDirectoryEntry().Properties["mail"].Value.ToString();
return UserInfo;

}
/// <summary>
/// This method checks if the logged on user is a member of a given
group in Active Directory.
/// Used to restrict access to certain area of the intranet.
/// </summary>
/// <param name="GroupName">Group name in AD</param>
/// <returns>bool</returns>
public bool IsMemberOf(string GroupName)
{

Security NTSecurity = new Security();
string UserName = NTSecurity.getLogonUser();

DirectoryEntry de = new
DirectoryEntry(ConfigurationSettings.AppSettings["ADPath"]);
//DirectoryEntry de = new
DirectoryEntry("LDAP://OU="+GroupName+",DC=amersham,DC=ac,DC=uk",ConfigurationSettings.AppSettings["ADUser"],ConfigurationSettings.AppSettings["ADPass"]);
de.AuthenticationType = AuthenticationTypes.Secure;
try
{
DirectorySearcher ds = new
DirectorySearcher(de,"sAMAccountName="+UserName);
//ds.Filter = ("OU="+ GroupName + "");
//ds.Filter = ("samaccountname="+ UserName + "");
SearchResult result = ds.FindOne();
if(result !=null)
{
return true;
}
}
catch(Exception ex)
{
throw new Exception("Access denied." + ex.Message);
}

return false;
}

}

}







Nick Malik said:
Is this the only one using DirectorySearcher?

--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster
http://blogs.msdn.com/nickmalik

Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.
--
huzz said:
Am using "Integrated Windows Authentication", it works fine but
sometime
the
user requires to log off and log back in to avoid the error message.

I've few other method that calls the AD, only this one causing problem.

:

The active directory is a protected resource. Therefore, the only
people
who have the right to see it are people who are in it. This means you
won't
get an empty return set from your query... you'll get an error on Bind
(which you did) because an account that doesn't have access has no
right
to
bind.

What authentication mechanism is your app using? Do you allow
anonymous
users?

--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster
http://blogs.msdn.com/nickmalik

Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.
--
Nick thanks for your response.. the error message is shown below. Am
trying
to get Email Address, Displayname from the active directory passing
username
as the parameter.. do you think my method is wrong?? please help..
many
thanks again

[COMException (0x80072020): An operations error occurred]
System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
+705
System.DirectoryServices.DirectoryEntry.Bind() +10
System.DirectoryServices.DirectoryEntry.get_AdsObject() +10
System.DirectoryServices.DirectorySearcher.FindAll(Boolean
findMoreThanOne) +199
System.DirectoryServices.DirectorySearcher.FindOne() +31
frs.ActiveDirectory.getUserDetails(String UserName) in
c:\inetpub\wwwroot\buildingservices\frs\classes\activedirectory.cs:57
frs.request.Page_Load(Object sender, EventArgs e) in
c:\inetpub\wwwroot\buildingservices\frs\request.aspx.cs:50
System.Web.UI.Control.OnLoad(EventArgs e) +67
System.Web.UI.Control.LoadRecursive() +35
System.Web.UI.Page.ProcessRequestMain() +750



:

COM exception is the type of error, not the error itself. Please
post
the
error itself...
And put a Try-Catch around your code!

It's probably an error with the parameters.

--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster
http://blogs.msdn.com/nickmalik

Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.
--
I have web application that quaries the Active Directory to get
user
details.. everything works fine but someday I'll get
System.Runtime.InteropServices.COMExection and if I restart the
client
machine then it works again.

here is one of the method where am calling the AD

public bool UserExist(string UserName)
{

DirectoryEntry de = new
DirectoryEntry(ConfigurationSettings.AppSettings["ADPath"]);
DirectorySearcher ds = new DirectorySearcher(de);
ds.Filter = ("ObjectCategory=user");
ds.Filter = ("samaccountname="+ UserName + "");
SearchResult result = ds.FindOne();
bool UserExist;
if(result != null)
{
UserExist = true;
}
else
{
UserExist = false;
}
return UserExist;
}

Please help
Click to expand...
Click to expand...
Click to expand...
 
P

Pip

I am also suffering from this problem. There does not appear to be any
pattern. It does not happen after a session timeout any more than
before. It does seem to happen more when the DC is busy, but that may
be becuase more people are using the website at that time as well. We
also sometimes get a different message, the text is 'The server is not
operational', I can't remember the error code, if it will be any help I
can find it. It is not specific to any particular user or users, even
the domain admins get the error sometimes. We do use the same dll in a
WinForms app as well as on the website, the WinForms app does not appear
to suffer from this problem any where near as much, possably not at all,
but again this may be due to the number of lookups the website does
compared to our WinForms app one per application instance.
 
N

Nick Malik [Microsoft]

One of my apps does AD lookups in the web site. However, the AD is an
expensive resource, and slow at times, so we cache the results in a set of
database tables. That way, when one person moves from activity to activity,
we don't have to keep coming back to the AD. We cache AD data for three
days, but provide a mechanism for our operations support team to refresh any
particular user by coming to a page and entering their ID.

I never see this error.

I don't know if this helps.

--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster
http://blogs.msdn.com/nickmalik

Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.
 
P

Pip

Thanks for your reply. We do now have a database available that is a
'copy' of AD and is updated each night. I have considered changing the
website to query the database instead of AD. In fact the database was
created so that a new system we are writing did not have to burden AD
with more LDAP queries. But the change is quite a big one and I was
trying to exhaust other options first, if the error is only due to
overloading the DC then changing to the database is a good idea, if the
errors are becuase I have done something wrong then I would prefer to
fix it.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Finding full name in Active Directory from a given username 4
How do you authenticate a user and pswd for local accounts from windowsforms? 1
Authenticate user against active directory 1
Querying Solaris LDAP server 3
Querying Active Directory 2
.net active directory 1
getting user data from Active Directory 4
how to have component run in security context of windows user? 1

Top