|
|
||||||
|
#1
10-03-06, 08:34 AM
|
|
|
|
|
Hello,
I developped an application to display AD users. With Visual Studio environment, no problem. But when I tested with IIS, no user appear. DirectoryEntry Ldap = new DirectoryEntry("LDAP://server.domain.local/OU=Myou,OU=Users,OU=MainOU,DC=domain,DC=local"); DirectorySearcher searcher = new DirectorySearcher(Ldap); searcher.Filter = "(objectClass=user)"; foreach (SearchResult result in searcher.FindAll()) { .. } I tried to specify an AD user in DirectoryEntry, but it was the same problem. Merci de votre aide Thank you for your help |
|
|
|
#2
10-03-06, 04:24 PM
|
|
|
|
|
Your IIS application is probably runnning under the default credentials that may not have permissions to query Active Directory. Try adding <impersonate="true" userName="priviledgedUser" password="password" /> with an account that does have permissions, and see if that fixes it.
Peter Courtesy of EggHeadCafe.com Earn money answering messageboard posts at http://www.eggheadcafe.com/forummerit.aspx |
|
#3
10-03-06, 06:31 PM
|
|
|
|
|
<linuxterrorist> wrote in message
news:9780 > Hello, > > I developped an application to display AD users. With Visual Studio > environment, no problem. > But when I tested with IIS, no user appear. > > DirectoryEntry Ldap = new > DirectoryEntry("LDAP://server.domain.local/OU=Myou,OU=Users,OU=MainOU,DC=domain,DC=local"); > DirectorySearcher searcher = new DirectorySearcher(Ldap); > searcher.Filter = "(objectClass=user)"; > foreach (SearchResult result in searcher.FindAll()) > { > .. > } > > I tried to specify an AD user in DirectoryEntry, but it was the same > problem. In addition to what Peter Says, also disable IIS anonymous access! Remember that IIS by default has not sufficient rights impersonate and to enumerate domain users on the network. If after all still nothing works, you should enable 'trust this server for delegation'. http://blogs.technolog.nl/eprogramme...8/22/1014.aspx |
|
#4
10-04-06, 09:51 AM
|
|
|
|
|
I have added <impor... in the Web.config, I have set the Kerberos
authentication delegate on IIS server but the problem continue to occur. What can I do ? Thank you for help Egbert Nierop (MVP for IIS) a écrit : [..] |
|
#5
10-04-06, 02:11 PM
|
|
|
|
|
<marc.jeremy> wrote in message
news:5990 [I have added <impor... in the Web.config, I have set the Kerberos authentication delegate on IIS server but the problem continue to occur. What can I do ? Thank you for help ] And the anonymous access? Have you disabled that? If you need anonymous access, you'll have to configure another 'anonymous' user instead of IUSR_[webservername]. Keep in mind that you're lowering the security with that. |
|
#6
10-04-06, 03:21 PM
|
|
|
|
|
I have disabled it on the website but unfortunatly it haven't change
anything. Egbert Nierop (MVP for IIS) a écrit : [..] |
|
|
| Similar Threads | |
| DirectoryEntry.Close vs DirectoryEntry.Dispose When I've finished with a DirectoryEntry object, should I be calling ..Close() or .Dispose() or both? I thought I read something when I first started using .NET saying... |
|
| Problem with AD DirectoryEntry in .Net Quick question, I am writing a program to read a CSV file, and update AD. I am having an issue. How can I tell the difference between different types of fields for an... |
|
| Problem w/ DirectoryEntry-class in .NET hello, the constructor for the DirectoryEntry-class doesn't seem to work if i use the following syntax: dim de as new directoryentry("ldap://cn=langbein\, thilo, ou=user,... |
|
| C# DirectoryEntry setPassword problem Hi: I am writing a small utility to add users into 2003 AD. SO i wrote a small script and everything works fine. The main reason for this app is to be able to add many AD... |
|
|
All times are GMT. The time now is 06:31 PM. | Privacy Policy
|
problem IIS with DirectoryEntry