Query AD using ASP.Net(C#) fails but works in VBScript

  • Thread starter Thread starter M. Craig
  • Start date Start date
M

M. Craig

Help!

Ultimately I'm trying to retrieve a list of users from active directory
using asp.net with C#. I have been able to do this using VBScript
successfully (with the ado object). With the C# code I receive error
message: System.Runtime.InteropServices.COMException: The specified domain
either does not exist or could not be contacted

Anyway, here is the VBScript that works:

Set objCommand = CreateObject("ADODB.Command")
objCommand.ActiveConnection = objConnection

objCommand.CommandText =
"<LDAP://OU=Enterprise,dc=health,dc=ad>;;distinguishedName,name,mail"
Set ObjRecordSet = objCommand.Execute

While not objRecordset.EOF
if objRecordSet.Fields("mail") <> "" and
Left(objRecordSet.Fields("mail"),1) <> "!" then
wscript.echo objRecordSet.Fields("name") & vbTab & _
objRecordSet.Fields("mail")
end if
objRecordSet.MoveNext
Wend

And here is the Asp.Net code that doesn't.

if(!Page.IsPostBack)
{
DirectoryEntry de = new
DirectoryEntry("LDAP://OU=Enterprise,DC=HEALTH,DC=AD");
foreach(DirectoryEntry dEntry in de.Children)
{
Response.Write("<br>" + dEntry.Name.ToString());
}
}
 
Your problems is almost certainly an issue with the fact that you cannot use
serverless binding unless you current security context is a domain account
and ASP.NET by default runs under a local machine account (ASPNET).

There is much more information here:
http://support.microsoft.com/default.aspx?scid=kb;en-us;329986

I suggest you try specifying a server in your binding string and specifying
a username and password for your DirectoryEntry. If that makes the problem
go away, then it is definitely a security context issue and the above KB
article can suggest a variety of options for dealing with the problem.

Joe K.
 
Thank You.

That's the ticket!

Mike


Joe Kaplan (MVP - ADSI) said:
Your problems is almost certainly an issue with the fact that you cannot use
serverless binding unless you current security context is a domain account
and ASP.NET by default runs under a local machine account (ASPNET).

There is much more information here:
http://support.microsoft.com/default.aspx?scid=kb;en-us;329986

I suggest you try specifying a server in your binding string and specifying
a username and password for your DirectoryEntry. If that makes the problem
go away, then it is definitely a security context issue and the above KB
article can suggest a variety of options for dealing with the problem.

Joe K.
 
Back
Top