I Checked the servervariables and both AUTH_USER and LOGON_USER are "CROSSMARK\Tim.Sapp"
--- What is another format for an LADP connection string besides the following? LDAP://Domain/OU=path,DC=Domain,DC=PVT This is what I use when I pass a userID and Password and it works. It's also the way I did it with ADSI. Tim Sapp -----Original Message----- From: Ryan Jameson (USA) [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 08, 2003 11:13 AM To: dotnet Subject: RE: SystemDirectoryServices Again Did you try changing the LDAP path? I originally had composed a string similar to yours and it would not work. if so i'm stumped. My applications all use integrated security and DirectoryServices. Even the database access uses integrated security. Here are some other things to try: 1. Request.ServerVariables.Get("AUTH_USER") will tell you who IIS thinks is logged in. 2. If you access the server using a non-intranet address ... (ie. instead of http://myserver you use http://myserver.mydomain.com) Internet Explorer should prompt you for the authentication credentials instead of passing them automatically. 3. Integrated Security only works with Internet Explorer. 4. You definitely do not want to specify a user in web.config, just in case you had on some other line. 5. Only new versions of IE for Mac work correctly, and that only when the Time Zone is the same as the server. (just threw that in as a random tidbit) <>< Ryan -----Original Message----- From: Sapp, Tim [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 08, 2003 9:27 AM To: dotnet Subject: RE: SystemDirectoryServices Again Apparently, even though I have <identity impersonate="true" /> <authentication mode="Windows" /> in the web.config and remove the Anon connection from IIS I am still not impersonating the person logged in. I just tried to set the password for the user ID and got an Access is Denied because the MachineName.ASPNET user ID does not have rights. Do I have to set this anywhere else to have it act as the person logged in? Tim Sapp -----Original Message----- From: Sapp, Tim [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 08, 2003 8:53 AM To: dotnet Subject: RE: SystemDirectoryServices Again It is a web site that has Anon removed. You must login to the site to get access to the pages. I have added the identity to the Web.Config so it should pass the logged in userid to the control. I figure that I am missing something to have it pass along the data I am just not sure where I need to set it. Tim Sapp -----Original Message----- From: TheOracle [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 08, 2003 12:26 AM To: dotnet Subject: Re: SystemDirectoryServices Again Hi all, I do not know how you are expecting the anonymous user, who belongs to a specific IIS (Server), to be able to connect you to the domain. Hence, you have to connect with a user who belongs to a domain, or create the anonymous user as a user who belongs to the domain. Again, I'm not sure of the architecture of your domain with respect to your web server. Sincerely, TheOracle Ryan Jameson (USA) wrote: >check your path: >LDAP://Domain/OU=test,DC=Domain,DC=PVT > >I think I found that it didn't seem to work as was documented and I faintly remember hitting a point where I thought I was connected and querying properly but getting errors similar to yours. > >Try just LDAP://dc=Domain,dc=PVT .... and if you're searching a specific OU put that in your criteria instead. > >... Just an idea. > ><>< Ryan > >-----Original Message----- >From: Sapp, Tim [mailto:[EMAIL PROTECTED]] >Sent: Tuesday, January 07, 2003 3:02 PM >To: dotnet >Subject: SystemDirectoryServices Again > > > >Guys, > >I am still unable to get it to connect to the domain without passing the >userid and password. I have added the identity line to the Web.Config and >removed all extra code from the sub that I am trying to run. It's stopping >at the "For Each DE in DirEntry.Children" with a > >"System.Runtime.InteropServices.COMException: The specified directory >service attribute or value does not exist: > > >I have removed the anonymous from the web site and I am using Windows >Integrated security on the site. If I change the line to include the user >name and password it works so I know the syntax should be correct. I never >get an error on creating the object so I am not sure where the exact problem >is. Just looks like a security issue to me. > >Tim Sapp > > >*************** Code From Web.Config > ><System.Web> > ><identity impersonate="true" /> ><authentication mode="Windows" /> > ></System.Web> > > >*************** Code from CreateUser.ASPX > >Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As >System.EventArgs) Handles but_Create.Click > > Dim DomainPath As String = "LDAP://Domain/OU=test,DC=Domain,DC=PVT"; > Dim DirEntry As New DirectoryEntry(DomainPath) ' >DirectoryEntry(DomainPath, "UserID", "Password") works > Dim DE As DirectoryEntry > > For Each DE In DirEntry.Children ' <-- Fails Here > temp.Text = temp.Text & DE.Name > Next > > >End Sub > >--- >You are currently subscribed to dotnet as: [EMAIL PROTECTED] >To unsubscribe send a blank email to %%email.unsub%% > >--------- >Administrated by 15 Seconds : http://www.15Seconds.com >List Archives/Search : http://local.15Seconds.com/search >Subscription Information : http://www.15seconds.com/listserv.htm >Advertising Information: http://www.internet.com/mediakit/ > > > >--- >You are currently subscribed to dotnet as: [EMAIL PROTECTED] >To unsubscribe send a blank email to %%email.unsub%% > >--------- >Administrated by 15 Seconds : http://www.15Seconds.com >List Archives/Search : http://local.15Seconds.com/search >Subscription Information : http://www.15seconds.com/listserv.htm >Advertising Information: http://www.internet.com/mediakit/ > > > > -- Your favorite stores, helpful shopping tools and great gift ideas. Experience the convenience of buying online with Shop@Netscape! http://shopnow.netscape.com/ --- You are currently subscribed to dotnet as: [EMAIL PROTECTED] To unsubscribe send a blank email to %%email.unsub%% --------- Administrated by 15 Seconds : http://www.15Seconds.com List Archives/Search : http://local.15Seconds.com/search Subscription Information : http://www.15seconds.com/listserv.htm Advertising Information: http://www.internet.com/mediakit/ --- You are currently subscribed to dotnet as: [EMAIL PROTECTED] To unsubscribe send a blank email to %%email.unsub%% --------- Administrated by 15 Seconds : http://www.15Seconds.com List Archives/Search : http://local.15Seconds.com/search Subscription Information : http://www.15seconds.com/listserv.htm Advertising Information: http://www.internet.com/mediakit/ --- You are currently subscribed to dotnet as: [EMAIL PROTECTED] To unsubscribe send a blank email to %%email.unsub%% --------- Administrated by 15 Seconds : http://www.15Seconds.com List Archives/Search : http://local.15Seconds.com/search Subscription Information : http://www.15seconds.com/listserv.htm Advertising Information: http://www.internet.com/mediakit/ --- You are currently subscribed to dotnet as: [EMAIL PROTECTED] To unsubscribe send a blank email to %%email.unsub%% --------- Administrated by 15 Seconds : http://www.15Seconds.com List Archives/Search : http://local.15Seconds.com/search Subscription Information : http://www.15seconds.com/listserv.htm Advertising Information: http://www.internet.com/mediakit/ --- You are currently subscribed to dotnet as: [email protected] To unsubscribe send a blank email to [EMAIL PROTECTED] --------- Administrated by 15 Seconds : http://www.15Seconds.com List Archives/Search : http://local.15Seconds.com/search Subscription Information : http://www.15seconds.com/listserv.htm Advertising Information: http://www.internet.com/mediakit/
