Did you try changing the LDAP path? I originally had composed a string similar to
yours and it would not work.
if so i'm stumped. My applications all use integrated security and DirectoryServices.
Even the database access uses integrated security.
Here are some other things to try:
1. Request.ServerVariables.Get("AUTH_USER") will tell you who IIS thinks is logged in.
2. If you access the server using a non-intranet address ... (ie. instead of
http://myserver you use http://myserver.mydomain.com) Internet Explorer should prompt
you for the authentication credentials instead of passing them automatically.
3. Integrated Security only works with Internet Explorer.
4. You definitely do not want to specify a user in web.config, just in case you had on
some other line.
5. Only new versions of IE for Mac work correctly, and that only when the Time Zone is
the same as the server. (just threw that in as a random tidbit)
<>< Ryan
-----Original Message-----
From: Sapp, Tim [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, January 08, 2003 9:27 AM
To: dotnet
Subject: RE: SystemDirectoryServices Again
Apparently, even though I have
<identity impersonate="true" />
<authentication mode="Windows" />
in the web.config and remove the Anon connection from IIS I am still not
impersonating the person logged in. I just tried to set the password for
the user ID and got an Access is Denied because the MachineName.ASPNET user
ID does not have rights. Do I have to set this anywhere else to have it
act as the person logged in?
Tim Sapp
-----Original Message-----
From: Sapp, Tim [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, January 08, 2003 8:53 AM
To: dotnet
Subject: RE: SystemDirectoryServices Again
It is a web site that has Anon removed. You must login to the site to get
access to the pages. I have added the identity to the Web.Config so it
should pass the logged in userid to the control. I figure that I am missing
something to have it pass along the data I am just not sure where I need to
set it.
Tim Sapp
-----Original Message-----
From: TheOracle [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, January 08, 2003 12:26 AM
To: dotnet
Subject: Re: SystemDirectoryServices Again
Hi all,
I do not know how you are expecting the anonymous user, who belongs to a
specific IIS (Server), to be able to connect you to the domain. Hence,
you have to connect with a user who belongs to a domain, or create the
anonymous user as a user who belongs to the domain.
Again, I'm not sure of the architecture of your domain with respect to
your web server.
Sincerely,
TheOracle
Ryan Jameson (USA) wrote:
>check your path:
>LDAP://Domain/OU=test,DC=Domain,DC=PVT
>
>I think I found that it didn't seem to work as was documented and I faintly
remember hitting a point where I thought I was connected and querying
properly but getting errors similar to yours.
>
>Try just LDAP://dc=Domain,dc=PVT .... and if you're searching a specific OU
put that in your criteria instead.
>
>... Just an idea.
>
><>< Ryan
>
>-----Original Message-----
>From: Sapp, Tim [mailto:[EMAIL PROTECTED]]
>Sent: Tuesday, January 07, 2003 3:02 PM
>To: dotnet
>Subject: SystemDirectoryServices Again
>
>
>
>Guys,
>
>I am still unable to get it to connect to the domain without passing the
>userid and password. I have added the identity line to the Web.Config and
>removed all extra code from the sub that I am trying to run. It's
stopping
>at the "For Each DE in DirEntry.Children" with a
>
>"System.Runtime.InteropServices.COMException: The specified directory
>service attribute or value does not exist:
>
>
>I have removed the anonymous from the web site and I am using Windows
>Integrated security on the site. If I change the line to include the user
>name and password it works so I know the syntax should be correct. I never
>get an error on creating the object so I am not sure where the exact
problem
>is. Just looks like a security issue to me.
>
>Tim Sapp
>
>
>*************** Code From Web.Config
>
><System.Web>
>
><identity impersonate="true" />
><authentication mode="Windows" />
>
></System.Web>
>
>
>*************** Code from CreateUser.ASPX
>
>Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As
>System.EventArgs) Handles but_Create.Click
>
> Dim DomainPath As String = "LDAP://Domain/OU=test,DC=Domain,DC=PVT";
> Dim DirEntry As New DirectoryEntry(DomainPath) '
>DirectoryEntry(DomainPath, "UserID", "Password") works
> Dim DE As DirectoryEntry
>
> For Each DE In DirEntry.Children ' <-- Fails Here
> temp.Text = temp.Text & DE.Name
> Next
>
>
>End Sub
>
>---
>You are currently subscribed to dotnet as: [EMAIL PROTECTED]
>To unsubscribe send a blank email to %%email.unsub%%
>
>---------
>Administrated by 15 Seconds : http://www.15Seconds.com
>List Archives/Search : http://local.15Seconds.com/search
>Subscription Information : http://www.15seconds.com/listserv.htm
>Advertising Information: http://www.internet.com/mediakit/
>
>
>
>---
>You are currently subscribed to dotnet as: [EMAIL PROTECTED]
>To unsubscribe send a blank email to %%email.unsub%%
>
>---------
>Administrated by 15 Seconds : http://www.15Seconds.com
>List Archives/Search : http://local.15Seconds.com/search
>Subscription Information : http://www.15seconds.com/listserv.htm
>Advertising Information: http://www.internet.com/mediakit/
>
>
>
>
--
Your favorite stores, helpful shopping tools and great gift ideas.
Experience the convenience of buying online with Shop@Netscape!
http://shopnow.netscape.com/
---
You are currently subscribed to dotnet as: [EMAIL PROTECTED]
To unsubscribe send a blank email to %%email.unsub%%
---------
Administrated by 15 Seconds : http://www.15Seconds.com
List Archives/Search : http://local.15Seconds.com/search
Subscription Information : http://www.15seconds.com/listserv.htm
Advertising Information: http://www.internet.com/mediakit/
---
You are currently subscribed to dotnet as: [EMAIL PROTECTED]
To unsubscribe send a blank email to %%email.unsub%%
---------
Administrated by 15 Seconds : http://www.15Seconds.com
List Archives/Search : http://local.15Seconds.com/search
Subscription Information : http://www.15seconds.com/listserv.htm
Advertising Information: http://www.internet.com/mediakit/
---
You are currently subscribed to dotnet as: [EMAIL PROTECTED]
To unsubscribe send a blank email to %%email.unsub%%
---------
Administrated by 15 Seconds : http://www.15Seconds.com
List Archives/Search : http://local.15Seconds.com/search
Subscription Information : http://www.15seconds.com/listserv.htm
Advertising Information: http://www.internet.com/mediakit/
---
You are currently subscribed to dotnet as: [email protected]
To unsubscribe send a blank email to [EMAIL PROTECTED]
---------
Administrated by 15 Seconds : http://www.15Seconds.com
List Archives/Search : http://local.15Seconds.com/search
Subscription Information : http://www.15seconds.com/listserv.htm
Advertising Information: http://www.internet.com/mediakit/
