locked
AzMan & ADAM - HRESULT 0x80070002 & 0x80070490 RRS feed

  • Question

  • User-1322387977 posted
    I have been following the tutorial How To: Use ADAM for Roles in ASP.NET 2.0 on a stand-alone winXP with success. However, when i start moving up the next step of implementing ADAM in an actual domain environment, i am getting HRESULT errors.<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" /><o:p></o:p><o:p> </o:p>Here is what i have setup:
    1.     A single DC (TESTDC) that operates testdomain.org
    2.     It has a user AppAdmin which belongs to the AppAdmins group that is supposed to take care of the ADAM store.
    <o:p></o:p>
    3.     A development workstation (XPBASE) that is a member of the domain.
    <o:p></o:p>
    4.     ADAM partition installed in the winXP computer - CN=Authorization,DC=group,DC=testdomain,DC=org
    <o:p></o:p>
    5.     AzMan store therefore located at msldap://localhost/CN=AzManStore,CN=Authorization,DC= group,DC=testdomain,DC=org
    <o:p></o:p>
    6.     ADAM was originally installed by AppAdmin and therefore the administrator; i do not know how to view and change this properly.
    <o:p></o:p>
    7.     After moving code from the stand-alone winXP (which works) to the domain-member winXP, I encounter errors when trying to call Roles.GetAllRoles(), the Role management API from ASP.NET
    <o:p></o:p>
    a.     When using Visual Studio’s webdev server (cassini) and AppAdmin as the developer - System.Runtime.InteropServices.COMException: Element not found. (Exception from HRESULT: 0x80070490)
    <o:p></o:p>b.     When using IIS and ASPNET (worker process account) – System.IO.FileNotFoundException: The system cannot find the file specified. (Exception from HRESULT: 0x80070002)XPBASE\ASPNET has already been assigned Administrator role of the AzMan store in ADAM. What i cannot understand, and find out similar encounters by others, is why there are different errors based on the access scenario, and what are causing them.<o:p></o:p><o:p> </o:p>

    Any ideas?

    Sunday, July 8, 2007 1:09 AM

Answers

  • User-1322387977 posted


    7.     After moving code from the stand-alone winXP (which works) to the domain-member winXP, I encounter errors when trying to call Roles.GetAllRoles(), the Role management API from ASP.NET
    b.     When using IIS and ASPNET (worker process account) – System.IO.FileNotFoundException: The system cannot find the file specified. (Exception from HRESULT: 0x80070002)

    Discovered the problem - ASPNET must be assigned Reader role to the ADAM partition itself in order to access the AzMan store.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, July 12, 2007 12:05 PM

All replies

  • User-1322387977 posted
    I found what’s the problem to 7a) the roleManager’s provider (RoleManagerAzManADAMProvider) had a typo error to the applicationName, leading to element not found when trying to look for an application of that erroneous name.<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" /><o:p></o:p><o:p> </o:p>However, 7b) still persists with the same error. Looks like I am missing something else that is causing  ASPNET to fail to see some file.<o:p></o:p><o:p> </o:p>Aaron<o:p></o:p>
    Sunday, July 8, 2007 5:04 AM
  • User-1322387977 posted


    7.     After moving code from the stand-alone winXP (which works) to the domain-member winXP, I encounter errors when trying to call Roles.GetAllRoles(), the Role management API from ASP.NET
    b.     When using IIS and ASPNET (worker process account) – System.IO.FileNotFoundException: The system cannot find the file specified. (Exception from HRESULT: 0x80070002)

    Discovered the problem - ASPNET must be assigned Reader role to the ADAM partition itself in order to access the AzMan store.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, July 12, 2007 12:05 PM
  • User-1282133617 posted

    I am still having problems with this. The development machine can connect from within VS2008 but the production machine still throws "the system cannot find the file specified" error. The only way I managed to get this to work was th change the Web App Pool identity from Network Service to Local System and it started to work. But, I feel thats only a temporary workaround. I dont want to run at this elevated level. Is there anything else I can try?

     

    Nick

    Friday, December 12, 2008 4:06 AM
  • User-1322387977 posted
    What if you assign a regular user account as the AppPool identity, and grant that account the Reader role?
    Friday, December 12, 2008 1:02 PM