Wrox Programmer Forums

Need to download code?

View our list of code downloads.

Go Back   Wrox Programmer Forums > C# and C > C# 2005 > C# 2005
Password Reminder
Register
Register | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read
C# 2005 For discussion of Visual C# 2005.
Welcome to the p2p.wrox.com Forums.

You are currently viewing the C# 2005 section of the Wrox Programmer to Programmer discussions. This is a community of tens of thousands of software programmers and website developers including Wrox book authors and readers. As a guest, you can read any forum posting. By joining today you can post your own programming questions, respond to other developers’ questions, and eliminate the ads that are displayed to guests. Registration is fast, simple and absolutely free .
DRM-free e-books 300x50
 
 
Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old September 25th, 2007, 03:43 PM
Authorized User
 
Join Date: Mar 2004
Location: , , .
Posts: 74
Thanks: 0
Thanked 0 Times in 0 Posts
Default Searching AD

I am trying to search Active Direcoty to pull user information. I have a correct LDAP string assigned but i get the following error: System.DirectoryServices.DirectoryServicesCOMExcep tion (0x8007052E): Logon failure: unknown user name or bad password.

I am trying to get user details just passing user name. I am not sure if password is required as well because when i try to search users in different AD server, i can pull out the user details just passing the username. any help?

thanks
  #2 (permalink)  
Old September 25th, 2007, 04:31 PM
joefawcett's Avatar
Wrox Author
Points: 9,763, Level: 42
Points: 9,763, Level: 42 Points: 9,763, Level: 42 Points: 9,763, Level: 42
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Jun 2003
Location: Exeter, , United Kingdom.
Posts: 3,074
Thanks: 1
Thanked 38 Times in 37 Posts
Default

That usually means the account running the code does not have authority to query Active Directory. You'll have to tell us something about your scenario, is it web based, desktop based etc?

--

Joe (Microsoft MVP - XML)
  #3 (permalink)  
Old October 1st, 2007, 05:15 PM
Authorized User
 
Join Date: Mar 2004
Location: , , .
Posts: 74
Thanks: 0
Thanked 0 Times in 0 Posts
Default

this is a web-based application. what happens is if i just pass the user name, i can just get all the info for the user. now, i try to validate by passing both username and password, then it throws the error. and i know that the password is correct.

any idea?
  #4 (permalink)  
Old October 1st, 2007, 05:48 PM
joefawcett's Avatar
Wrox Author
Points: 9,763, Level: 42
Points: 9,763, Level: 42 Points: 9,763, Level: 42 Points: 9,763, Level: 42
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Jun 2003
Location: Exeter, , United Kingdom.
Posts: 3,074
Thanks: 1
Thanked 38 Times in 37 Posts
Default

I think you maybe passing the wrong credentials, the app needs the account running the code to have permission to extract the data, or a legitimate set of credentials otherwise. The password of the actual user being searched is irrelevant. Can you show a simplified version of the code you are using and also state which account the web server is running under?

--

Joe (Microsoft MVP - XML)
  #5 (permalink)  
Old October 1st, 2007, 07:30 PM
Wrox Author
Points: 13,255, Level: 49
Points: 13,255, Level: 49 Points: 13,255, Level: 49 Points: 13,255, Level: 49
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Oct 2005
Location: Ohio, USA
Posts: 4,104
Thanks: 1
Thanked 64 Times in 64 Posts
Send a message via AIM to dparsons
Default

You have a couple of choices here but, as joe said, it would be much easier for us to help you if we could see your code.

First off, a good explination of what you want to do can be found in chapter 12 of: Professional ASP.NET 2.0 Security, Membership, and Role Management ( http://www.wrox.com/WileyCDA/WroxTit...764596985.html ) as chapter 12 covers the ActiveDirectoryMembershipProvider at great length and how to query AD using that provider.

Alternatively you can read that book at http://wrox.books24x7.com (and alot of the other Wrox publications for that matter) and it only costs $49.99 per 3 months. ^^

In any event, without seeing yoru code, you have a couple of ways to solve this.

First, you could setup Integrated Windows Authentication for your web directory but, by doing this, you make at least 1 assumption: That the windows account accessing the resource has the necessary rights to query Active Directory.

Secondly, you could use impersonation through your web.config so that the your application runs as X Domain Account that has the rights to query Active Directory.

hth.



================================================== =========
Read this if you want to know how to get a correct reply for your question:
http://www.catb.org/~esr/faqs/smart-questions.html
================================================== =========
Technical Editor for:
Professional Search Engine Optimization with ASP.NET
Professional IIS 7 and ASP.NET Integrated Programming
Wrox Blox: Introduction to Google Gears
Wrox Blox: Create Amazing Custom User Interfaces with WPF and .NET 3.0
================================================== =========
  #6 (permalink)  
Old October 2nd, 2007, 11:30 AM
Authorized User
 
Join Date: Mar 2004
Location: , , .
Posts: 74
Thanks: 0
Thanked 0 Times in 0 Posts
Default

here is my code. if i just run the code like it, then i would get the student info. if I uncomment the code line below for DirectoryEntry and comment out the line above, the i get the invalid credential error.

Note:
I am authenticating the user from another domain. i am running this code in my local box and it's in different domain. and when i talked to our Network guy, he said those two domains trust each other and i would think so as well since i can pull the data if i just pass the username.

string strUserName = "abc123";
string strLDAPConnection = "LDAP://domainname";
DirectoryEntry dirEntry = new DirectoryEntry(strLDAPConnection);
//DirectoryEntry dirEntry = new DirectoryEntry(strLDAPConnection, strUserName, "001502");
DirectorySearcher searcher = new DirectorySearcher(dirEntry);
searcher.Filter = "(samaccountname=" + strUserName + ")";
searcher.SearchScope = SearchScope.Subtree;
SearchResult sResult = null;
bool blUserAthenticated = false;
try
       {
            sResult = searcher.FindOne();
            blUserAthenticated = true;
        }
        catch (Exception ex)
        {
            Response.Write(ex);
            blUserAthenticated = false;
        }

        if (sResult == null)
            blUserAthenticated = false;

        if (blUserAthenticated)
        {
            Response.Write("<b>UserName:</b> " + GetProperty(sResult, "samaccountname"));
            Response.Write("<br>");
            Response.Write("<b>First Name:</b> " + GetProperty(sResult, "givenname"));
            Response.Write("<br>");
            Response.Write("<b>Last Name:</b> " + GetProperty(sResult, "sn"));
            dirEntry.RefreshCache();
        }
        dirEntry.Close();
public string GetProperty(SearchResult sr, string propertyName)
    {
        if (sr.Properties.Contains(propertyName))
        {
            return sr.Properties[propertyName][0].ToString();
        }
        else
        {
            return string.Empty;
        }
    }

thanks
  #7 (permalink)  
Old October 2nd, 2007, 11:40 AM
joefawcett's Avatar
Wrox Author
Points: 9,763, Level: 42
Points: 9,763, Level: 42 Points: 9,763, Level: 42 Points: 9,763, Level: 42
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Jun 2003
Location: Exeter, , United Kingdom.
Posts: 3,074
Thanks: 1
Thanked 38 Times in 37 Posts
Default

Well I would try it with your username and password, not the user you are searching for and also try using a different constructor,
Code:
new DircetoryEntry(path, username, password, AuthenticationTypes.Delegate)
--

Joe (Microsoft MVP - XML)
  #8 (permalink)  
Old October 2nd, 2007, 12:10 PM
Authorized User
 
Join Date: Mar 2004
Location: , , .
Posts: 74
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Joe, thanks for your quick response, i would really appreciate it.

and it worked when I passed the AuthenticationTypes.Delegation. I was using AuthenticationTypes.Secure.

would you please give more info what's the difference and how it would affect the web application because I use AuthenticationTypes.Secure in the same application for other users and it works fine. Eventhough its a cross domain thing, how do i know when to use either one.

thanks
  #9 (permalink)  
Old October 2nd, 2007, 12:16 PM
joefawcett's Avatar
Wrox Author
Points: 9,763, Level: 42
Points: 9,763, Level: 42 Points: 9,763, Level: 42 Points: 9,763, Level: 42
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Jun 2003
Location: Exeter, , United Kingdom.
Posts: 3,074
Thanks: 1
Thanked 38 Times in 37 Posts
Default

To be honest I've never used it, I just looked it up on msdn2.com, ther's a list of types there with what they mean.

--

Joe (Microsoft MVP - XML)
  #10 (permalink)  
Old October 2nd, 2007, 12:23 PM
Authorized User
 
Join Date: Mar 2004
Location: , , .
Posts: 74
Thanks: 0
Thanked 0 Times in 0 Posts
Default

would you please tell me one thing that when for some users i don't even use any authentication type and which is working fine. i just pass the user name and password.

is it the reason that the webserver is in the same domain where the AD domain is? and in the case where i was having trouble, the users i was trying to authenticate were in different domain than the webserver domain?

thanks
 


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Add existing AD user to AD group via ADSI? thiazi Classic ASP Basics 0 August 24th, 2007 09:27 PM
Ad Rotator js_newbie Javascript 0 April 4th, 2007 11:30 PM
AD Credentials gygaxx Visual Basic 2005 Basics 4 January 10th, 2007 08:32 AM
ad rotator help crazzzy90210 Classic ASP Components 2 November 25th, 2005 12:11 AM
Ad ImpressionCount? developerz BOOK: ASP.NET Website Programming Problem-Design-Solution 0 November 17th, 2003 12:34 PM



All times are GMT -4. The time now is 10:22 AM.


Powered by vBulletin®
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
© 2013 John Wiley & Sons, Inc.