locked
Network path not found after user name change RRS feed

  • Question

  • User533367837 posted

    Hi,

    ASP.net web site in operation since 2008 (Windows 2003, IIS 6 with IWA enabled). The site gets user information from the local Active Directory domain for various operations and overall has worked without issue forever. Recently, an employee got married and her name was changed in AD. The employee is able to logon to her computer, access file shares, etc. without trouble but when she tries to access the web site she gets a "network path not found" error along with 401.1 errors in the web server logs. The problem can be reproduced on multiple computers within the AD domain and across different web browsers.

    Using the following code; it works for 200 other employees:

    Imports System

    Imports System.Data

    Imports System.Data.SqlClient

    Imports System.Configuration

    Imports System.Security.Principal

    Imports System.DirectoryServices

    Dim wi As System.Security.Principal.WindowsIdentity = System.Security.Principal.WindowsIdentity.GetCurrent()

    Dim a As String() = Context.User.Identity.Name.Split("\"c)

    Dim ADEntry As New System.DirectoryServices.DirectoryEntry("WinNT://" + a(0) + "/" + a(1))

    'error occurs at this line...

    Dim Name As String = ADEntry.Properties("FullName").Value.ToString()

    There have been no changes to this web site recently and again it works for everyone else. I've verfied that AD sync is working (2 DCs) - only obvious anomaly is on our WSS 3.0 web site; her maiden name still shows up but I've read that this is not unusual for WSS 3.

    Anybody have any idea what might be causing this? It affects all pages that use the above code but only for this user.

    Thanks.....

    Thursday, August 7, 2014 2:22 PM

Answers

  • User1508394307 posted

    What was changed, the login name or the full name? It sounds like that 

    Dim ADEntry As New System.DirectoryServices.DirectoryEntry("WinNT://" + a(0) + "/" + a(1))

    returns Nothing and therefore you cannot get its FullName value. 

    If sync works then maybe it is cached somewhere on webserver? Did you try to reboot it?

    P.S.

    .NET3.5 and later has new System.DirectoryServices.AccountManagement-Namespace, see example how you can get user name using it

    http://forums.asp.net/t/2001145.aspx 

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, August 7, 2014 2:35 PM

All replies

  • User1508394307 posted

    What was changed, the login name or the full name? It sounds like that 

    Dim ADEntry As New System.DirectoryServices.DirectoryEntry("WinNT://" + a(0) + "/" + a(1))

    returns Nothing and therefore you cannot get its FullName value. 

    If sync works then maybe it is cached somewhere on webserver? Did you try to reboot it?

    P.S.

    .NET3.5 and later has new System.DirectoryServices.AccountManagement-Namespace, see example how you can get user name using it

    http://forums.asp.net/t/2001145.aspx 

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, August 7, 2014 2:35 PM
  • User533367837 posted

    Thanks for the quick reply - both were changed but I've done that with other users in the past and didn't have any trouble. I plan a restart tonight in case there is any cached data and I've temporarily worked around the issue by commenting out the line - can't stay that way though...

    I'll check back in after a reboot - thanks again.

    Thursday, August 7, 2014 2:40 PM
  • User533367837 posted

    Bit weirder - the  ("WinNT://" + a(0) + "/" + a(1)) is returning something - at least at a(1); a label that takes a(1) value is showing the samAccountName but it's showing the user's maiden name and not the updated name....I'll look again after the reboot.

    Thursday, August 7, 2014 2:45 PM
  • User1508394307 posted

    No, what I meant is, you had a user corp\user1 who was renamed to corp\user2. So she is now using corp\user2 to access the network, but because the server where app is installed was not rebooted it still "knows" her as corp\user1

    So it does

    Dim ADEntry As New System.DirectoryServices.DirectoryEntry("WinNT://corp/user1")

    and ADEntry is resulted to Nothing

    So the next line 

    Dim Name As String = ADEntry.Properties("FullName").Value.ToString()

    will fail because it cannot obtain any property from null reference.

    In general you might need to check that case as

    Dim ADEntry As New System.DirectoryServices.DirectoryEntry("WinNT://" + a(0) + "/" + a(1))
    
    Dim Name As String
    If Not ADEntry Is Nothing Then
        Name = ADEntry.Properties("FullName").Value.ToString()
    Else
        Name = "Got married?"
    End If

    P.S. You might also log a(0), a(1) somewhere like in a text file to see what was exactly requested from the server. Maybe it is already configured in IIS log and you can see what identity was used. 

    Thursday, August 7, 2014 3:14 PM
  • User533367837 posted

    Thanks, I understood what you meant - what I was trying to show was that your assessment of cached data was probably correct; a(1) was pulling old data (assumingly from a local cache on the webserver). Once I rebooted the server the issue resolved itself so thanks again for the assistance :)

    Friday, August 8, 2014 8:10 AM
  • User1508394307 posted

    Sometimes a reboot solves all kinds of problems ;-)

    Friday, August 8, 2014 8:14 AM
  • User533367837 posted

    Yup - moving to the LDAP method for the new version of this site but for now will plan on rebooting with any other username issues.

    Thanks again....

    Friday, August 8, 2014 12:22 PM