Professional Web Applications Themes

Active Directory Search fails ("The directory service is unavailab - ASP.NET Security

Hi all, I'm having one of those nerve wrecking errors, when trying to perform a simple search in an Active Directory. The objective of the code is to, given a user name, search the AD for couple of specified properties, including the groups the user belongs to. The odd thing is that, if I set filter simply as "(objectCategory=user)", it works. If I add any other search criteria, it throws an exception with the message "the directory service is unavailable.". Can any of you help? Here's the code that I'm using to perform the search: public static void GetADUserGroups(string LoggedInUser){ ...

  1. #1

    Default Active Directory Search fails ("The directory service is unavailab

    Hi all,

    I'm having one of those nerve wrecking errors, when trying to perform a
    simple search in an Active Directory. The objective of the code is to, given
    a user name, search the AD for couple of specified properties, including the
    groups the user belongs to.

    The odd thing is that, if I set filter simply as "(objectCategory=user)", it
    works. If I add any other search criteria, it throws an exception with the
    message "the directory service is unavailable.".

    Can any of you help? Here's the code that I'm using to perform the search:

    public static void GetADUserGroups(string LoggedInUser){
    DirectorySearcher search = new DirectorySearcher("LDAP://" +
    Common.getValue("SPDomain"));
    search.Filter = "(objectCategory=user)(samaccountname=" + LoggedInUser +
    ")";

    search.PropertiesToLoad.Add("memberof");
    search.PropertiesToLoad.Add("department");
    search.PropertiesToLoad.Add("cn");
    search.PropertiesToLoad.Add("sn");
    search.PropertiesToLoad.Add("name");
    search.PropertiesToLoad.Add("samaccountname");

    System.Text.StringBuilder groupNames = new System.Text.StringBuilder();

    // Search time out
    TimeSpan waitTime;
    try{
    waitTime = new TimeSpan(0, 0, 60); //hh--mm-ss
    search.ClientTimeout = waitTime; //wait this much time to display results
    }
    catch (Exception Ex){
    throw new SystemException("Error = " + Ex.Message + Ex.InnerException, Ex);
    }

    try{
    SearchResult result = search.FindOne();
    if(result != null){
    int propertyCount = result.Properties["memberOf"].Count;
    String dn;
    int equalsIndex, commaIndex;

    for(int propertyCounter = 0; propertyCounter < propertyCount;
    propertyCounter++){
    dn = (String)result.Properties["memberOf"][propertyCounter];
    equalsIndex = dn.IndexOf("=", 1);
    commaIndex = dn.IndexOf(",", 1);
    if(-1 == equalsIndex){
    return;
    }
    groupNames.Append(dn.Substring((equalsIndex + 1), (commaIndex
    - equalsIndex) - 1));
    groupNames.Append("|");
    }
    }
    }
    catch(Exception ex){
    throw new Exception("Error obtaining group names. " + ex.Message);
    }
    }

    Thanks in advance for all the help you guys can provide!
    ejcosta
    ejcosta Guest

  2. #2

    Default Re: Active Directory Search fails ("The directory service is unavailab

    Your search filter should look like this for a compound query:
    (&(objectCategory=user)(samaccountname=username) )

    Normally, I'd expect an invalid filter syntax error though.

    You might also need to include credentials in your DirectoryEntry
    constructor if your security context isn't a domain account or can't hop to
    the domain controller due to impersonation/delegation issues. This is
    common in ASP.NET.

    Joe K.

    "ejcosta" <ejcostadiscussions.microsoft.com> wrote in message
    news:43FC2F5E-D134-475E-ABB7-B84BBD50438Bmicrosoft.com...
    > Hi all,
    >
    > I'm having one of those nerve wrecking errors, when trying to perform a
    > simple search in an Active Directory. The objective of the code is to,
    > given
    > a user name, search the AD for couple of specified properties, including
    > the
    > groups the user belongs to.
    >
    > The odd thing is that, if I set filter simply as "(objectCategory=user)",
    > it
    > works. If I add any other search criteria, it throws an exception with the
    > message "the directory service is unavailable.".
    >
    > Can any of you help? Here's the code that I'm using to perform the search:
    >
    > public static void GetADUserGroups(string LoggedInUser){
    > DirectorySearcher search = new DirectorySearcher("LDAP://" +
    > Common.getValue("SPDomain"));
    > search.Filter = "(objectCategory=user)(samaccountname=" + LoggedInUser +
    > ")";
    >
    > search.PropertiesToLoad.Add("memberof");
    > search.PropertiesToLoad.Add("department");
    > search.PropertiesToLoad.Add("cn");
    > search.PropertiesToLoad.Add("sn");
    > search.PropertiesToLoad.Add("name");
    > search.PropertiesToLoad.Add("samaccountname");
    >
    > System.Text.StringBuilder groupNames = new System.Text.StringBuilder();
    >
    > // Search time out
    > TimeSpan waitTime;
    > try{
    > waitTime = new TimeSpan(0, 0, 60); //hh--mm-ss
    > search.ClientTimeout = waitTime; //wait this much time to display results
    > }
    > catch (Exception Ex){
    > throw new SystemException("Error = " + Ex.Message + Ex.InnerException,
    > Ex);
    > }
    >
    > try{
    > SearchResult result = search.FindOne();
    > if(result != null){
    > int propertyCount = result.Properties["memberOf"].Count;
    > String dn;
    > int equalsIndex, commaIndex;
    >
    > for(int propertyCounter = 0; propertyCounter < propertyCount;
    > propertyCounter++){
    > dn = (String)result.Properties["memberOf"][propertyCounter];
    > equalsIndex = dn.IndexOf("=", 1);
    > commaIndex = dn.IndexOf(",", 1);
    > if(-1 == equalsIndex){
    > return;
    > }
    > groupNames.Append(dn.Substring((equalsIndex + 1), (commaIndex
    > - equalsIndex) - 1));
    > groupNames.Append("|");
    > }
    > }
    > }
    > catch(Exception ex){
    > throw new Exception("Error obtaining group names. " + ex.Message);
    > }
    > }
    >
    > Thanks in advance for all the help you guys can provide!
    > ejcosta

    Joe Kaplan \(MVP - ADSI\) Guest

  3. #3

    Default Re: Active Directory Search fails ("The directory service is unava

    Joe,

    Thank you so much for your help. Your answer worked perfectly.

    Regards,
    Eurico

    "Joe Kaplan (MVP - ADSI)" wrote:
    > Your search filter should look like this for a compound query:
    > (&(objectCategory=user)(samaccountname=username) )
    >
    > Normally, I'd expect an invalid filter syntax error though.
    >
    > You might also need to include credentials in your DirectoryEntry
    > constructor if your security context isn't a domain account or can't hop to
    > the domain controller due to impersonation/delegation issues. This is
    > common in ASP.NET.
    >
    > Joe K.
    >
    > "ejcosta" <ejcostadiscussions.microsoft.com> wrote in message
    > news:43FC2F5E-D134-475E-ABB7-B84BBD50438Bmicrosoft.com...
    > > Hi all,
    > >
    > > I'm having one of those nerve wrecking errors, when trying to perform a
    > > simple search in an Active Directory. The objective of the code is to,
    > > given
    > > a user name, search the AD for couple of specified properties, including
    > > the
    > > groups the user belongs to.
    > >
    > > The odd thing is that, if I set filter simply as "(objectCategory=user)",
    > > it
    > > works. If I add any other search criteria, it throws an exception with the
    > > message "the directory service is unavailable.".
    > >
    > > Can any of you help? Here's the code that I'm using to perform the search:
    > >
    > > public static void GetADUserGroups(string LoggedInUser){
    > > DirectorySearcher search = new DirectorySearcher("LDAP://" +
    > > Common.getValue("SPDomain"));
    > > search.Filter = "(objectCategory=user)(samaccountname=" + LoggedInUser +
    > > ")";
    > >
    > > search.PropertiesToLoad.Add("memberof");
    > > search.PropertiesToLoad.Add("department");
    > > search.PropertiesToLoad.Add("cn");
    > > search.PropertiesToLoad.Add("sn");
    > > search.PropertiesToLoad.Add("name");
    > > search.PropertiesToLoad.Add("samaccountname");
    > >
    > > System.Text.StringBuilder groupNames = new System.Text.StringBuilder();
    > >
    > > // Search time out
    > > TimeSpan waitTime;
    > > try{
    > > waitTime = new TimeSpan(0, 0, 60); //hh--mm-ss
    > > search.ClientTimeout = waitTime; //wait this much time to display results
    > > }
    > > catch (Exception Ex){
    > > throw new SystemException("Error = " + Ex.Message + Ex.InnerException,
    > > Ex);
    > > }
    > >
    > > try{
    > > SearchResult result = search.FindOne();
    > > if(result != null){
    > > int propertyCount = result.Properties["memberOf"].Count;
    > > String dn;
    > > int equalsIndex, commaIndex;
    > >
    > > for(int propertyCounter = 0; propertyCounter < propertyCount;
    > > propertyCounter++){
    > > dn = (String)result.Properties["memberOf"][propertyCounter];
    > > equalsIndex = dn.IndexOf("=", 1);
    > > commaIndex = dn.IndexOf(",", 1);
    > > if(-1 == equalsIndex){
    > > return;
    > > }
    > > groupNames.Append(dn.Substring((equalsIndex + 1), (commaIndex
    > > - equalsIndex) - 1));
    > > groupNames.Append("|");
    > > }
    > > }
    > > }
    > > catch(Exception ex){
    > > throw new Exception("Error obtaining group names. " + ex.Message);
    > > }
    > > }
    > >
    > > Thanks in advance for all the help you guys can provide!
    > > ejcosta
    >
    >
    >
    Eurico Costa Guest

Similar Threads

  1. #39720 [NEW]: Compile Fails with " php_config.h: No such file or directory"
    By codeslinger at compsalot dot com in forum PHP Bugs
    Replies: 1
    Last Post: December 3rd, 06:29 AM
  2. Replies: 0
    Last Post: August 31st, 04:57 PM
  3. Replies: 0
    Last Post: March 14th, 11:28 AM
  4. trying to get Active Directory with SSL
    By kthomann in forum Macromedia ColdFusion
    Replies: 0
    Last Post: March 7th, 04:14 PM
  5. Replies: 1
    Last Post: October 5th, 03:49 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139