ldap lookup from window form

  • Thread starter: swyck

Still trying to find a good group for this question. Posted earlier
in a VB newsgroup. This one may be more appropriate.

I'm launching a windows form using VB .NET 2005 and want to pre-
populate some of the user fields from Active Directory, e.g. "display
name". This works fine when I'm logged in as a local administrator,
but not when I'm a lowly domain user.

I get an error "object reference not set to an instance of an
object". I can see the subroutine that is calling the lookup
referenced "at LDAP.Form1.DoLDAP(String inUser, String inDomain)". I
can select continue from the error message and the form loads
otherwise. I'm assuming the LDAP lookup did not work.

relevant code for lookup
Dim myDE As New System.DirectoryServices.DirectoryEntry("LDAP://DC=mydomain,DC=com")

Dim mySearcher As New System.DirectoryServices.DirectorySearcher(myDE)
mySearcher.Filter = "sAMAccountName=" & inUser
mySearcher.PropertiesToLoad.Add("displayName")

If myresult.Properties("displayName").Count > 0 Then etc.

Shouldn't a user be able to see their own AD objects, or is the
problem with the search itself?

I then tried to use impersonation (figuring that the authenticated
user is needed) using examples from MSDN but I get an undeclared
variable on user.identity, so I didn't get anywhere there.

Dim impersonationContext As System.Security.Principal.WindowsImpersonationContext
Dim currentWindowsIdentity As System.Security.Principal.WindowsIdentity

currentWindowsIdentity = CType(User.Identity, System.Security.Principal.WindowsIdentity)
impersonationContext = currentWindowsIdentity.Impersonate()

Any help would be useful. Also, how could I best trap this particular
exception?
 
I guess the answer is either so simple as to be self-evident or it's
just a boring topic.

Yes, the answer was boring. It was of course a stupid programmer
trick where I had turned off the update of my LDAP connection string.
So when a user from a different domain tried to run it, the call
failed since it was looking at a hard coded and incorrect domain.
Works fine now, so I'll have to work on the error handling.
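
An added example, not code from the original posts: one way to do the lookup described in this thread without a hard-coded domain, with the "object reference not set" case and bind failures trapped, and with inUser escaped before it goes into the LDAP filter. The names AdLookup, EscapeLdapFilter and GetDisplayName are hypothetical, and it assumes the program runs as a domain account on a domain-joined machine.

```vb
Imports System
Imports System.Diagnostics
Imports System.DirectoryServices
Imports System.Runtime.InteropServices
Imports System.Text

Module AdLookup
    ' Escape the RFC 4515 filter metacharacters so inUser cannot change the query.
    Function EscapeLdapFilter(ByVal value As String) As String
        Dim sb As New StringBuilder()
        For Each c As Char In value
            Select Case c
                Case "\"c : sb.Append("\5c")
                Case "*"c : sb.Append("\2a")
                Case "("c : sb.Append("\28")
                Case ")"c : sb.Append("\29")
                Case ChrW(0) : sb.Append("\00")
                Case Else : sb.Append(c)
            End Select
        Next
        Return sb.ToString()
    End Function

    ' Returns displayName, or Nothing if the account is not found,
    ' has no displayName, or the directory cannot be reached.
    Function GetDisplayName(ByVal inUser As String) As String
        Try
            ' Serverless bind: RootDSE reports the naming context of the
            ' caller's own domain, so no DC=... string is hard-coded.
            Using rootDse As New DirectoryEntry("LDAP://RootDSE")
                Dim baseDn As String = CStr(rootDse.Properties("defaultNamingContext").Value)
                Using root As New DirectoryEntry("LDAP://" & baseDn), _
                      searcher As New DirectorySearcher(root)
                    searcher.Filter = "(sAMAccountName=" & EscapeLdapFilter(inUser) & ")"
                    searcher.PropertiesToLoad.Add("displayName")
                    Dim result As SearchResult = searcher.FindOne()
                    ' FindOne returns Nothing on no match; dereferencing it is
                    ' what raises "object reference not set".
                    If result Is Nothing OrElse result.Properties("displayName").Count = 0 Then Return Nothing
                    Return CStr(result.Properties("displayName")(0))
                End Using
            End Using
        Catch ex As COMException
            ' ADSI bind and search failures (unreachable domain, bad path, logon failure)
            Debug.WriteLine("AD lookup failed: " & ex.Message)
            Return Nothing
        End Try
    End Function
End Module
```

From the form's Load handler, call GetDisplayName(Environment.UserName) and leave the field blank when it returns Nothing.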
 