Authentication Problem Is Making Me A Little Nuts


Jerry Camel

Okay... More than a little. This was working just fine from the original
server. Why would it stop:

I'm using a basic test to see if a user is a valid account in AD. Something
like:

    dirEntry = New DirectoryEntry("LDAP://RootDSE", txtUser.Text, txtPassword.Text)
    sTemp = dirEntry.Properties("Name").Value

If I get an exception when reading the "Name" property, I figure either the
user name or password is invalid.

This was working just fine, but when I moved my app to a different server
(still in the same domain) this no longer seems to work. Even valid
users/password combinations are causing an exception:

"The specified domain either does not exist or could not be contacted."

Often this could be attributed to a DNS issue, but I can log in to the domain
from that box without a problem. And I'm writing the code on the same box
as the web server. I can query AD successfully from a Windows Forms
application, but the web app fails. My guess is that it's a rights issue
with the ASPNET account or something, but I don't remember having to do
anything special to make this work on the other server.

Any insight is truly appreciated. Thanks.

Jerry
 
Okay... Made some progress, but I still don't quite get why this is
happening...

First, an obvious difference is that the first box was running Win2K3 and
the new box is running Windows 2000.
On the Windows 2000 box, if I specify an actual DC name in the LDAP query
then it works okay. Why doesn't it work properly when using RootDSE? And
why would it work on Win2K3? Does this have something to do with the query
running under the context of the domain of the logged-on user? Even if I
specify the domain with the user account, a RootDSE query fails under Win2K.

Can anyone explain why this is happening? I'd really rather not specify a
specific DC in the code.

If further clarification is needed, please ask. Thanks.

Jerry
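
An added example, not part of the original posts: a bind-based credential check that separates "wrong user name or password" from "directory could not be reached", since the error text quoted in the first post is the message for ERROR_NO_SUCH_DOMAIN, not for a logon failure. The module, enum and parameter names are hypothetical, and it assumes the domain's DNS name (passed in place of a specific DC) resolves from the web server.

```vbnet
Imports System
Imports System.DirectoryServices
Imports System.Runtime.InteropServices

Public Enum BindResult
    Valid
    BadCredentials
    DirectoryUnavailable
End Enum

Public Module AdCredentialCheck
    ' HRESULTs surfaced by ADSI through COMException.ErrorCode
    Private Const LogonFailure As Integer = &H8007052E  ' ERROR_LOGON_FAILURE
    Private Const NoSuchDomain As Integer = &H8007054B  ' ERROR_NO_SUCH_DOMAIN
    Private Const ServerDown As Integer = &H8007203A    ' LDAP server is not operational

    ' domainDns is an assumed input such as "corp.example.com" (placeholder).
    Public Function CheckCredentials(ByVal domainDns As String, _
                                     ByVal user As String, _
                                     ByVal password As String) As BindResult
        ' Reject empty input before contacting the directory.
        If String.IsNullOrEmpty(user) OrElse String.IsNullOrEmpty(password) Then
            Return BindResult.BadCredentials
        End If

        Dim path As String = "LDAP://" & domainDns & "/RootDSE"
        Try
            Using entry As New DirectoryEntry(path, user, password, _
                                              AuthenticationTypes.Secure)
                ' DirectoryEntry binds lazily; touching NativeObject forces the bind.
                Dim native As Object = entry.NativeObject
                Return BindResult.Valid
            End Using
        Catch ex As COMException
            Select Case ex.ErrorCode
                Case LogonFailure
                    Return BindResult.BadCredentials
                Case NoSuchDomain, ServerDown
                    ' Infrastructure problem: log it, do not count it as a failed logon.
                    Return BindResult.DirectoryUnavailable
                Case Else
                    Throw
            End Select
        End Try
    End Function
End Module
```

Reporting DirectoryUnavailable separately keeps lockout counters and failed-logon alerts from filling with events that are really DNS or DC-locator failures.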
 