AD in Web Application

  • Thread starter Thread starter MDS
  • Start date Start date
M

MDS

All,

I want to retrieve Users from my AD via a Web appliction. I ran this script
to populate a combobox in a normal app and it works...
But when I use this script in a Web App it fails
Any Idea Why?

Marc
Dim entry As New
DirectoryServices.DirectoryEntry("LDAP://DC=PROD,DC=TELENET,DC=BE")

Dim mySearcher1 As New System.DirectoryServices.DirectorySearcher(entry)

Dim result As System.DirectoryServices.SearchResult

Dim oValue As New ArrayList

Dim mySearcher

For Each result In mySearcher.FindAll()

oValue.Add(Microsoft.VisualBasic.Right(result.GetDirectoryEntry().Name,
Len(result.GetDirectoryEntry().Name) - 3))

Next

User1.DataSource = oValue

User1.Visible = True
 
MDS said:
All,

I want to retrieve Users from my AD via a Web appliction. I ran this script
to populate a combobox in a normal app and it works...
But when I use this script in a Web App it fails
Any Idea Why?

Marc
Dim entry As New
DirectoryServices.DirectoryEntry("LDAP://DC=PROD,DC=TELENET,DC=BE")

Dim mySearcher1 As New System.DirectoryServices.DirectorySearcher(entry)

Dim result As System.DirectoryServices.SearchResult

Dim oValue As New ArrayList

Dim mySearcher

For Each result In mySearcher.FindAll()
Click to expand...

should this by MySearcher1?
 
Hi MDS,

This kind of errors is mostly because the aspnet user has (fortunatly) no
rights on the server resources.

But it is a gues,

Cor
 
By default your web application will run under the machine account, which
has no network privledges. You could either specify a username and password
that has rights to access that LDAP root when you create "entry" (see the
overloads for the DirectoryEntry constructor to pass credentials), or - you
could use impersonation in your web app. (do this only if people hitting it
will be from an internal network, on your local domain).

To pass in credentials:
Dim entry As New
DirectoryServices.DirectoryEntry("LDAP://DC=PROD,DC=TELENET,DC=BE",
"userLogin", "Password")

To enable impersonation, in your web.config file, add this in the
<system.web> config section:
<identity impersonate="true"/>

(the impersonate key would also allow you to impersonate a specific user for
that web application. See the docs for more information on asp.net's
identity tag, or this kb article
http://support.microsoft.com/default.aspx?kbid=306158)
 
Philip, Adding that gives me an error...
Also when I use LDAP://dc:prod,dc=telenet,dc=be" then it gives an error
while running. When I use "LDAP://"servername" it doesn't...Any Idea? I'm
very new to VB.net, but have a lot experience in VBS

Marc
 
Hi,

You did get some answers I saw, but I never give answers accoording to
change the security downwards.

But there is a special newsgroup for this

microsoft.public.dotnet.security

Cor
 
Thx Cor, Next time i'll post it there...but in the meantime...would you be
so kind to help me?

Marc
 
What error does that give you ? (note that username and password should be a
user that has credentials to that LDAP directory - try your own if you can
get it to work locally)

Your first LDAP string should search the default domain, while the second
looks at a particular server. Unfortunately, I am not an LDAP guru, and
can't really help you on that. I have to flop about in order to get LDAP
strings right myself.

Did you try the impersonation avenue at all?
 
No need to apoligize dude. =)

If I had a nickel for every time I made a typo like that... I'd have a sh...
well... lets just say enough that I wouldn't be spending my time on here. =)

Eh... who am I kidding, I'd be here no matter how much money I had...
 
OK, problem solved...
Its was not AD related....
Thx anyway, stil a lot of questions, so you see me arround....;-)

1000 THX, without your help I couldn't get it to work.

Marc
 
Hi Marc,

I am glad that the problem has been resolved.

If you have any concern on this issue, please post here.

Regards,
Peter Huang
Microsoft Online Partner Support
Get Secure! www.microsoft.com/security
This posting is provided "as is" with no warranties and confers no rights.
 
Back
Top