Problems searching LDAP (valid objects not found)

  • Question

  • User-264818127 posted

    I'm trying to find and pull attributes from LDAP (currently stuck on the finding part) for users when given their system ID. I keep getting a "There is no such object on the server" error whenever I try to locate one, however. I can see the user in the ou, I know he exists...I just can't seem to convince my code that he does.


                    DirectoryEntry de = new DirectoryEntry();
                    de.Path = "LDAP://ldap.server.com";
                    de.Username = "ssid=username,ou=people,dc=server,dc=com";
                    de.Password = "password";
                    de.AuthenticationType = AuthenticationTypes.SecureSocketsLayer;
    
                    DirectorySearcher deSearch = new DirectorySearcher(de);
    
                    deSearch.PropertiesToLoad.Add("displayName");
    
                    deSearch.Filter = "ssid=testuser";
    
                    SearchResult result = deSearch.FindOne();


    Blows up when FindOne is called. Any thoughts?

    Tuesday, July 7, 2009 3:38 PM

All replies

  • User-60558687 posted

    If you're running this, say, from a console application you don't need the de.Username and de.Password lines, I think. If you have to supply a username + password, then try assigning the username (NTUserName) to username without the ou and dcs.

    Try commenting them out and see what you get. What exception message are you getting?

    Tuesday, July 7, 2009 6:33 PM
  • User-264818127 posted

    Doh, sorry, forgot the error:

    "There is no such object on the server."
    System.Exception {System.Runtime.InteropServices.COMException}
    


    And the stack trace:


       at System.DirectoryServices.SearchResultCollection.ResultsEnumerator.MoveNext()
       at System.DirectoryServices.DirectorySearcher.FindOne()
       at LDAP_Test.Program.GetAllDN() in C:\Documents and Settings\John\My Documents\Visual Studio 2005\Projects\LDAP_Test\LDAP_Test\Program.cs:line 41



       at System.DirectoryServices.SearchResultCollection.ResultsEnumerator.MoveNext()
       at System.DirectoryServices.DirectorySearcher.FindOne()
       at LDAP_Test.Program.GetResult() in C:\Documents and Settings\My Documents\Visual Studio 2005\Projects\LDAP_Test\LDAP_Test\Program.cs:line 41


    I need the username and password, since I am not on the domain. I'm on the network, but not actually attached to the domain. Not having a problem authenticating (the username and password are valid and tested, and I am getting in to LDAP), just retrieving an actual user object.





    Wednesday, July 8, 2009 12:10 PM
  • User-60558687 posted

    Ok.

    Try de.Username = "username" // just the username

    de.Password = "password"

    Will that work?

    Wednesday, July 8, 2009 12:27 PM
  • User-264818127 posted

    No. That results in a "Login failure: unknown user name or bad password" exception from LDAP.

    Wednesday, July 8, 2009 12:35 PM
  • User-60558687 posted

    I actually wrote a test function to logon to AD from a non-domain member computer and given the correct username/password it worked.

    If you are not using ADExplorer, you can download it from here: http://technet.microsoft.com/en-us/sysinternals/bb963907.aspx. It's a great tool to troubleshoot AD issues.

    Also, since you're crossing domains (local computer -> domain), this might be relevant to your case:

    http://support.microsoft.com/kb/207671


    Thursday, July 9, 2009 7:21 AM
  • User-264818127 posted

    Figured it out. I needed to explicitly redefine the OU and DN in the LDAP connection string.

    Thursday, July 9, 2009 1:30 PM
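
The resolution in the last reply, written out as an added example (not code posted by anyone in the thread): the search root path carries the container DN as well as the host, and the system ID is escaped before it goes into the filter. The base DN `ou=people,dc=server,dc=com` is an assumption taken from the bind DN in the question, and the `LdapLookup` class, its method names and the `LDAP_BIND_PW` environment variable are hypothetical.

```csharp
using System;
using System.DirectoryServices;
using System.Text;
static class LdapLookup
{
    // Assumed search base: host plus the container DN from the question's bind DN.
    const string SearchRoot = "LDAP://ldap.server.com/ou=people,dc=server,dc=com";
    // Escape LDAP filter metacharacters (RFC 4515) so a caller-supplied
    // system ID is matched literally and cannot change the filter.
    static string EscapeFilterValue(string value)
    {
        StringBuilder sb = new StringBuilder();
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\': sb.Append(@"\5c"); break;
                case '*':  sb.Append(@"\2a"); break;
                case '(':  sb.Append(@"\28"); break;
                case ')':  sb.Append(@"\29"); break;
                case '\0': sb.Append(@"\00"); break;
                default:   sb.Append(c); break;
            }
        }
        return sb.ToString();
    }
    // Returns displayName for the given ssid, or null when no entry matches.
    static string GetDisplayName(string ssid, string bindDn, string password)
    {
        using (DirectoryEntry root = new DirectoryEntry(
            SearchRoot, bindDn, password, AuthenticationTypes.SecureSocketsLayer))
        using (DirectorySearcher searcher = new DirectorySearcher(root))
        {
            searcher.Filter = "(ssid=" + EscapeFilterValue(ssid) + ")";
            searcher.PropertiesToLoad.Add("displayName");
            SearchResult result = searcher.FindOne();
            if (result == null || !result.Properties.Contains("displayName"))
                return null;
            return result.Properties["displayName"][0].ToString();
        }
    }
    static void Main(string[] args)
    {
        // Hypothetical usage: ID from argv, bind password from the environment.
        string name = GetDisplayName(args[0], "ssid=username,ou=people,dc=server,dc=com",
                                     Environment.GetEnvironmentVariable("LDAP_BIND_PW"));
        Console.WriteLine(name ?? "(not found)");
    }
}
```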