connecting problem in vb.net with ldap to active directory

Question
-
I am upgrading our servers and .NET application from Windows 2000 to the newly purchased Windows 2012R2 servers. There is one function which works in Windows 2000 but doesn't work in Windows 2012R2.
I am running a .NET 2.0 internal application in Windows 2000 and IIS 5.0 using Visual Studio Professional 2015. There is one function in this application which makes a call to an AD server using LDAP to check the login ID and password in Active Directory. It was running perfectly fine before. However, once I upgraded to this new Windows 2012R2 server running .NET 2.0, it doesn't work. The function in the application is not able to get authorization in Active Directory. The function is as below:
    Private Function IsAuthenticatedByAD(ByVal sUid As String, ByVal sPwd As String) As Boolean
        Dim direntRoot As DirectoryEntry, direntUsr As DirectoryEntry
        Dim sDomain As String, sDomainAndUid As String
        Dim dirsrchUsr As DirectorySearcher, oNative As Object
        direntRoot = New DirectoryEntry("LDAP://rootDSE")
        sDomain = direntRoot.Properties("DefaultNamingContext")(0)
        sDomainAndUid = String.Format("{0}\{1}", sDomain, sUid)
        direntUsr = New DirectoryEntry(direntRoot.Path, sDomainAndUid, sPwd)
        Try
            oNative = direntUsr.NativeObject
        Catch ex As Exception
            Return False
        End Try
        Return True
    End Function
The username exists in AD and the password is correct for sure. I received an error message in the "Try" section when running oNative = ....
The error message is as below:
"System.DirectoryServices.DirectoryServicesCOMException (0x8007052E): The user name or password is incorrect." & vbCrLf & vbCrLf & " at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)" & vbCrLf & " at System.DirectoryServices.DirectoryEntry.Bind()" & vbCrLf & " at System.DirectoryServices.DirectoryEntry.get_NativeObject()" & vbCrLf & " at ums.business.UsrMgmtBus.IsAuthenticatedByAD(String sUid, String sPwd) in C:\inetpub\wwwroot\ums\business\UsrMgmtBus.vb:line 127"
Please help. Thanks a lot.
Monday, September 26, 2016 10:19 AM
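Added example, not code from the original post or from any replier: `defaultNamingContext` is a distinguished name such as `DC=corp,DC=example,DC=com`, so the function above passes `DC=...\uid` as the user name, which is neither `DOMAIN\user` nor a UPN. The code below derives the DNS domain from that DN, binds as `uid@domain` (assuming the implicit UPN is accepted in the domain) and treats only 0x8007052E as rejected credentials; `BindResult`, `AdBindCheck`, `DnToDnsDomain` and `TryBind` are hypothetical names.

```vbnet
Imports System
Imports System.Collections.Generic
Imports System.DirectoryServices

' Added example; all type and function names here are illustrative.
Public Enum BindResult
    Ok
    BadCredentials
End Enum

Public Module AdBindCheck
    ' HRESULT from the error message in the question ("The user name or password is incorrect").
    Private Const LogonFailure As Integer = &H8007052E

    ' "DC=corp,DC=example,DC=com" -> "corp.example.com"
    Public Function DnToDnsDomain(ByVal dn As String) As String
        Dim labels As New List(Of String)
        For Each rdn As String In dn.Split(","c)
            Dim part As String = rdn.Trim()
            If part.StartsWith("DC=", StringComparison.OrdinalIgnoreCase) Then
                labels.Add(part.Substring(3))
            End If
        Next
        If labels.Count = 0 Then Throw New ArgumentException("No DC= components in: " & dn)
        Return String.Join(".", labels.ToArray())
    End Function

    Public Function TryBind(ByVal uid As String, ByVal pwd As String) As BindResult
        ' An LDAP simple bind with an empty password is an unauthenticated bind,
        ' so reject empty input before touching the directory.
        If String.IsNullOrEmpty(uid) OrElse String.IsNullOrEmpty(pwd) Then Return BindResult.BadCredentials

        Dim dnsDomain As String
        Using root As New DirectoryEntry("LDAP://RootDSE")
            dnsDomain = DnToDnsDomain(CStr(root.Properties("defaultNamingContext").Value))
        End Using

        ' Assumption: the implicit UPN (uid@DNS domain) is a valid logon name here.
        Dim logonName As String = uid & "@" & dnsDomain
        Using user As New DirectoryEntry("LDAP://" & dnsDomain, logonName, pwd, AuthenticationTypes.Secure)
            Try
                Dim native As Object = user.NativeObject   ' forces the bind
                Return BindResult.Ok
            Catch ex As DirectoryServicesCOMException When ex.ErrorCode = LogonFailure
                Return BindResult.BadCredentials
            End Try
        End Using
    End Function
End Module
```

Any exception other than 0x8007052E (server unreachable, referral, configuration error) propagates to the caller, so an infrastructure fault is logged as such instead of being reported to the user as a wrong password.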
All replies
-
Well, if the issue has nothing to do with the configuration of the Windows Server 2012 r2 regarding LDAP and Directory Services or Security, or something else misconfigured causing the issue, I have no idea.
However, at this link, in C# Howto: (Almost) Everything In Active Directory via C# (from 2008), I found code converted to VB.Net using Telerik. It is the code, below your code, in the code window below. It seems much different from your code. Whether it will work or not, or if it does the same thing your code does, I don't know that either.
My suspicion would be the Windows Server 2012 r2 system is not configured correctly somewhere.
    ' Below code is your code.
    Private Function IsAuthenticatedByAD(ByVal sUid As String, ByVal sPwd As String) As Boolean
        Dim direntRoot As DirectoryEntry, direntUsr As DirectoryEntry
        Dim sDomain As String, sDomainAndUid As String
        Dim dirsrchUsr As DirectorySearcher, oNative As Object
        direntRoot = New DirectoryEntry("LDAP://rootDSE")
        sDomain = direntRoot.Properties("DefaultNamingContext")(0)
        sDomainAndUid = String.Format("{0}\{1}", sDomain, sUid)
        direntUsr = New DirectoryEntry(direntRoot.Path, sDomainAndUid, sPwd)
        Try
            oNative = direntUsr.NativeObject
        Catch ex As Exception
            Return False
        End Try
        Return True
    End Function

    ' Below code converted from C# to VB.Net from link provided.
    Private Function Authenticate(userName As String, password As String, domain As String) As Boolean
        Dim authentic As Boolean = False
        Try
            Dim entry As New DirectoryEntry(Convert.ToString("LDAP://") & domain, userName, password)
            Dim nativeObject As Object = entry.NativeObject
            authentic = True
        Catch generatedExceptionName As DirectoryServicesCOMException
        End Try
        Return authentic
    End Function
La vida loca
- Edited by Mr. Monkeyboy Monday, September 26, 2016 5:06 PM
- Proposed as answer by Neda Zhang Tuesday, September 27, 2016 2:10 AM
Monday, September 26, 2016 5:03 PM
-
Thanks for your advice. I will check and try. Cheers.
Tuesday, September 27, 2016 1:28 AM
-
Hi,
Thanks. I have tried your code and still got an error. I believe it is something misconfigured in the new server running Windows 2012 R2. I have selected the application running with .NET 2.0 classic and 32-bit mode. Really desperate. Can you think of anything from the server side?
Tuesday, September 27, 2016 9:28 AM
-
Hi,
Thanks. I have tried your code and still got an error. I believe it is something misconfigured in the new server running Windows 2012 R2. I have selected the application running with .NET 2.0 classic and 32-bit mode. Really desperate. Can you think of anything from the server side?
Well, if there is an issue with the Windows Server 2012 r2 configuration, perhaps rather than display code you should describe the issue you are having with your program, in that it works for Windows 2000 but not Windows Server 2012 r2, in one of these two forums, Windows Server 2012 General or Windows Server 2012 Essentials, but not both just because you want an answer. I don't know what the Essentials forum is for.
Maybe in one of those forums somebody will know why a program that could do something on Windows 2000 cannot on Windows Server 2012 r2.
La vida loca
- Proposed as answer by Herro wong (Microsoft contingent staff) Friday, October 7, 2016 2:07 AM
- Marked as answer by Herro wong (Microsoft contingent staff) Friday, October 7, 2016 2:07 AM
Tuesday, September 27, 2016 5:51 PM
-
Try using System.DirectoryServices.AccountManagement instead. Keep it simple at first to troubleshoot:
    Dim isValid As Boolean = False
    Try
        Dim principalContextObject = New PrincipalContext(System.DirectoryServices.AccountManagement.ContextType.Domain)
        isValid = principalContextObject.ValidateCredentials(userID, password)
    Catch ex As Exception
        '...
    End Try
Paul ~~~~ Microsoft MVP (Visual Basic)
Wednesday, September 28, 2016 1:28 PM