A simple one?

Question

User-1573875253 posted

Hi

Does anyone have a basic example of how I interact with AD on our network using a ASP.Net webpage? I just want to pull the username and email address of a logged in user.

Any help much appreciated.

 

Best Regards

C

 

Answer 1

User1354132231 posted
Try this post and see if that gets you started.

Answer 2

User-1573875253 posted

Thanks, all sorted - one more problem though:

I have a asp.net page that calls some web service methods successfully. However when I try and call one of my LDAP functions (held in web service as well) I get:

System.Web.Services.Protocols.SoapException: Server was unable to process request. --> The specified domain either does not exist or could not be contacted

The function works fine when test via the Web Service test page just not when I try and call it.

My web service is running with identity impersonate="true" and anonymous access disabled as I need this set this way.

This is the web service code which fails:

Dim rootDse As DirectoryEntry = New DirectoryEntry("LDAP://RootDSE")

Dim namingContext As String = rootDse.Properties("defaultNamingContext").Value

Any help would be greatly appreciated :)

C

Answer 3

User1354132231 posted
Serverless binding (which is what you are doing) requires a domain context.  This either needs to be the impersonated thread or the process account.  You need to set whatever is executing this line of code to be a domain account.

Your other option is to specify a domain to help the locator service (e.g. "LDAP://domain.com/RootDSE").  This will allow the locator service to find the right RootDSE.

Answer 4

User-1573875253 posted

Hi

I have made the following change:

Dim rootDse As DirectoryEntry = New DirectoryEntry("LDAP://mydomain.local/RootDSE")

Dim namingContext As String = rootDse.Properties("defaultNamingContext").Value

Dim rootDomain As DirectoryEntry = New DirectoryEntry("LDAP://" + namingContext)

This now takes me past the second line without error which is good. However the final error is sitll the same but on this line:

Dim mySearchResultColl As DirectoryServices.SearchResultCollection

mySearchResultColl = dSearch.FindAll()

Any ideas why it throws up the error there now?

 

Answer 5

User-1573875253 posted

I thought I would post my test function:

CLIENT CODE:

Dim oSLXWebService As SLXService.WebService = New SLXService.WebService

oSLXWebService.Credentials = System.Net.CredentialCache.DefaultCredentials 'get access denied without this

lbl_res_adEmail.Text = oSLXWebService.LDAP_getUserEmail(GetNTUsername)

 

WEB SERVICE CODE:

<WebMethod()> _

Public Function LDAP_getUserEmail(ByVal strNTUsername As String) As String

Dim rootDse As DirectoryEntry = New DirectoryEntry("LDAP://mydomain.local/RootDSE")

Dim namingContext As String = rootDse.Properties("defaultNamingContext").Value

Dim rootDomain As DirectoryEntry = New DirectoryEntry("LDAP://" + namingContext)

Dim dSearch As New DirectoryServices.DirectorySearcher(rootDomain, "sAMAccountName=" & strNTUsername.ToString & "")

dSearch.PropertiesToLoad.Add("sAMAccountName")

dSearch.PropertiesToLoad.Add("mail")

Dim mySearchResult As DirectoryServices.SearchResult

Dim mySearchResultColl As DirectoryServices.SearchResultCollection

mySearchResultColl = dSearch.FindAll() ' ERRORS HERE

For Each mySearchResult In mySearchResultColl

If mySearchResult.Properties.Contains("mail") Then

Return mySearchResult.Properties("mail")(0).ToString

End If

Next

End Function

 

Help!

Thanks

 

Answer 6

User1354132231 posted
So the error here lies with the security context.  The process or impersonated thread must have domain credentials.  Read this post here to learn more about the security context.