Ask a Question related to ASP.NET Security, Design and Development.
-
ejcosta #1
Active Directory Search fails ("The directory service is unavailab
Hi all,
I'm having one of those nerve wrecking errors, when trying to perform a
simple search in an Active Directory. The objective of the code is to, given
a user name, search the AD for couple of specified properties, including the
groups the user belongs to.
The odd thing is that, if I set filter simply as "(objectCategory=user)", it
works. If I add any other search criteria, it throws an exception with the
message "the directory service is unavailable.".
Can any of you help? Here's the code that I'm using to perform the search:
public static void GetADUserGroups(string LoggedInUser){
DirectorySearcher search = new DirectorySearcher("LDAP://" +
Common.getValue("SPDomain"));
search.Filter = @"(objectCategory=user)(samaccountname=" + LoggedInUser +
")";
search.PropertiesToLoad.Add("memberof");
search.PropertiesToLoad.Add("department");
search.PropertiesToLoad.Add("cn");
search.PropertiesToLoad.Add("sn");
search.PropertiesToLoad.Add("name");
search.PropertiesToLoad.Add("samaccountname");
System.Text.StringBuilder groupNames = new System.Text.StringBuilder();
// Search time out
TimeSpan waitTime;
try{
waitTime = new TimeSpan(0, 0, 60); //hh--mm-ss
search.ClientTimeout = waitTime; //wait this much time to display results
}
catch (Exception Ex){
throw new SystemException("Error = " + Ex.Message + Ex.InnerException, Ex);
}
try{
SearchResult result = search.FindOne();
if(result != null){
int propertyCount = result.Properties["memberOf"].Count;
String dn;
int equalsIndex, commaIndex;
for(int propertyCounter = 0; propertyCounter < propertyCount;
propertyCounter++){
dn = (String)result.Properties["memberOf"][propertyCounter];
equalsIndex = dn.IndexOf("=", 1);
commaIndex = dn.IndexOf(",", 1);
if(-1 == equalsIndex){
return;
}
groupNames.Append(dn.Substring((equalsIndex + 1), (commaIndex
- equalsIndex) - 1));
groupNames.Append("|");
}
}
}
catch(Exception ex){
throw new Exception("Error obtaining group names. " + ex.Message);
}
}
Thanks in advance for all the help you guys can provide!
ejcosta
ejcosta Guest
-
#39720 [NEW]: Compile Fails with " php_config.h: No such file or directory"
From: codeslinger at compsalot dot com Operating system: Fedora Core 2 PHP version: 5.2.0 PHP Bug Type: Compile Failure Bug... -
Account Locked Out - Cold Fusion Application Service running as Active Directory Domain Account
Using Cold Fusion 7 Standard w/ IIS6. Cold Fusion Application Service is running as a domain account to access IIS home directory on another... -
active directory
Hello, I need to get all the AD information from a user that access a intranet ASP.NET page.Does anyone can tell me how to do it? (the user can't... -
Returning multiple results from Active Directory from a Web Service to an ASP page
Hi, I'm new to Web Services and are trying to find information about how I can return multiple results from a Search in Active Directory and view... -
Active Directory Role-Based Authentication Fails for Users - Local
Developed a web-based application that queries active directory for roles to associate the appropriate functionality to the user. After a recent... -
Joe Kaplan \(MVP - ADSI\) #2 Re: Active Directory Search fails ("The directory service is unavailab
Your search filter should look like this for a compound query:
(&(objectCategory=user)(samaccountname=username) )
Normally, I'd expect an invalid filter syntax error though.
You might also need to include credentials in your DirectoryEntry
constructor if your security context isn't a domain account or can't hop to
the domain controller due to impersonation/delegation issues. This is
common in ASP.NET.
Joe K.
"ejcosta" <ejcosta@discussions.microsoft.com> wrote in message
news:43FC2F5E-D134-475E-ABB7-B84BBD50438B@microsoft.com...> Hi all,
>
> I'm having one of those nerve wrecking errors, when trying to perform a
> simple search in an Active Directory. The objective of the code is to,
> given
> a user name, search the AD for couple of specified properties, including
> the
> groups the user belongs to.
>
> The odd thing is that, if I set filter simply as "(objectCategory=user)",
> it
> works. If I add any other search criteria, it throws an exception with the
> message "the directory service is unavailable.".
>
> Can any of you help? Here's the code that I'm using to perform the search:
>
> public static void GetADUserGroups(string LoggedInUser){
> DirectorySearcher search = new DirectorySearcher("LDAP://" +
> Common.getValue("SPDomain"));
> search.Filter = @"(objectCategory=user)(samaccountname=" + LoggedInUser +
> ")";
>
> search.PropertiesToLoad.Add("memberof");
> search.PropertiesToLoad.Add("department");
> search.PropertiesToLoad.Add("cn");
> search.PropertiesToLoad.Add("sn");
> search.PropertiesToLoad.Add("name");
> search.PropertiesToLoad.Add("samaccountname");
>
> System.Text.StringBuilder groupNames = new System.Text.StringBuilder();
>
> // Search time out
> TimeSpan waitTime;
> try{
> waitTime = new TimeSpan(0, 0, 60); //hh--mm-ss
> search.ClientTimeout = waitTime; //wait this much time to display results
> }
> catch (Exception Ex){
> throw new SystemException("Error = " + Ex.Message + Ex.InnerException,
> Ex);
> }
>
> try{
> SearchResult result = search.FindOne();
> if(result != null){
> int propertyCount = result.Properties["memberOf"].Count;
> String dn;
> int equalsIndex, commaIndex;
>
> for(int propertyCounter = 0; propertyCounter < propertyCount;
> propertyCounter++){
> dn = (String)result.Properties["memberOf"][propertyCounter];
> equalsIndex = dn.IndexOf("=", 1);
> commaIndex = dn.IndexOf(",", 1);
> if(-1 == equalsIndex){
> return;
> }
> groupNames.Append(dn.Substring((equalsIndex + 1), (commaIndex
> - equalsIndex) - 1));
> groupNames.Append("|");
> }
> }
> }
> catch(Exception ex){
> throw new Exception("Error obtaining group names. " + ex.Message);
> }
> }
>
> Thanks in advance for all the help you guys can provide!
> ejcosta
Joe Kaplan \(MVP - ADSI\) Guest
-
Eurico Costa #3 Re: Active Directory Search fails ("The directory service is unava
Joe,
Thank you so much for your help. Your answer worked perfectly.
Regards,
Eurico
"Joe Kaplan (MVP - ADSI)" wrote:
> Your search filter should look like this for a compound query:
> (&(objectCategory=user)(samaccountname=username) )
>
> Normally, I'd expect an invalid filter syntax error though.
>
> You might also need to include credentials in your DirectoryEntry
> constructor if your security context isn't a domain account or can't hop to
> the domain controller due to impersonation/delegation issues. This is
> common in ASP.NET.
>
> Joe K.
>
> "ejcosta" <ejcosta@discussions.microsoft.com> wrote in message
> news:43FC2F5E-D134-475E-ABB7-B84BBD50438B@microsoft.com...>> > Hi all,
> >
> > I'm having one of those nerve wrecking errors, when trying to perform a
> > simple search in an Active Directory. The objective of the code is to,
> > given
> > a user name, search the AD for couple of specified properties, including
> > the
> > groups the user belongs to.
> >
> > The odd thing is that, if I set filter simply as "(objectCategory=user)",
> > it
> > works. If I add any other search criteria, it throws an exception with the
> > message "the directory service is unavailable.".
> >
> > Can any of you help? Here's the code that I'm using to perform the search:
> >
> > public static void GetADUserGroups(string LoggedInUser){
> > DirectorySearcher search = new DirectorySearcher("LDAP://" +
> > Common.getValue("SPDomain"));
> > search.Filter = @"(objectCategory=user)(samaccountname=" + LoggedInUser +
> > ")";
> >
> > search.PropertiesToLoad.Add("memberof");
> > search.PropertiesToLoad.Add("department");
> > search.PropertiesToLoad.Add("cn");
> > search.PropertiesToLoad.Add("sn");
> > search.PropertiesToLoad.Add("name");
> > search.PropertiesToLoad.Add("samaccountname");
> >
> > System.Text.StringBuilder groupNames = new System.Text.StringBuilder();
> >
> > // Search time out
> > TimeSpan waitTime;
> > try{
> > waitTime = new TimeSpan(0, 0, 60); //hh--mm-ss
> > search.ClientTimeout = waitTime; //wait this much time to display results
> > }
> > catch (Exception Ex){
> > throw new SystemException("Error = " + Ex.Message + Ex.InnerException,
> > Ex);
> > }
> >
> > try{
> > SearchResult result = search.FindOne();
> > if(result != null){
> > int propertyCount = result.Properties["memberOf"].Count;
> > String dn;
> > int equalsIndex, commaIndex;
> >
> > for(int propertyCounter = 0; propertyCounter < propertyCount;
> > propertyCounter++){
> > dn = (String)result.Properties["memberOf"][propertyCounter];
> > equalsIndex = dn.IndexOf("=", 1);
> > commaIndex = dn.IndexOf(",", 1);
> > if(-1 == equalsIndex){
> > return;
> > }
> > groupNames.Append(dn.Substring((equalsIndex + 1), (commaIndex
> > - equalsIndex) - 1));
> > groupNames.Append("|");
> > }
> > }
> > }
> > catch(Exception ex){
> > throw new Exception("Error obtaining group names. " + ex.Message);
> > }
> > }
> >
> > Thanks in advance for all the help you guys can provide!
> > ejcosta
>
>Eurico Costa Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
