Professional Web Applications Themes

How do you figure out the LDAP://? ("Error authenticating. Error authenticating user. The specified domain either does not exist or could not be contacted") - ASP.NET General

Hi, I am using the example "Authenticate against the Active Directory by Using Forms Authentication and Visual Basic .NET": [url]http://support.microsoft.com/default.aspx?scid=KB;EN-US;326340[/url] But I am having a problem figuring out the LDAP:// The LDAP:// that I pass looks like this (i substitued generic the following with generic name): Dim adPath as String = LDAP://DC=SomeDomainControllerComputerThatHasActiveDirect ory" But I am receiveing the following message when I try to log in with the example: "Error authenticating. Error authenticating user. The specified domain either does not exist or could not be contacted" How do I figure out how my "LDAP://" should look like? Thanks, Phin...

  1. #1

    Default How do you figure out the LDAP://? ("Error authenticating. Error authenticating user. The specified domain either does not exist or could not be contacted")

    Hi,

    I am using the example "Authenticate against the Active Directory by
    Using Forms Authentication and Visual Basic .NET":

    [url]http://support.microsoft.com/default.aspx?scid=KB;EN-US;326340[/url]

    But I am having a problem figuring out the LDAP://

    The LDAP:// that I pass looks like this (i substitued generic the
    following with generic name):

    Dim adPath as String =
    LDAP://DC=SomeDomainControllerComputerThatHasActiveDirect ory"

    But I am receiveing the following message when I try to log in with
    the example:
    "Error authenticating. Error authenticating user. The specified domain
    either does not exist or could not be contacted"

    How do I figure out how my "LDAP://" should look like?

    Thanks,

    Phin
    mrwoopey Guest

  2. #2

    Default Re: How do you figure out the LDAP://? ("Error authenticating. Error authenticating user. The specified domain either does not exist or could not be contacted")

    Hi Marc,

    Thanks for the tip, it worked! The thing that doesn't work now is
    trying to find the group that the user is in ("Error obtaining group
    names"). So, I commented out the code "adAuth.GetGroups()". Does
    anybody know how to get "adAuth.GetGroups()" working from the example:

    [url]http://support.microsoft.com/default.aspx?scid=KB;EN-US;326340[/url]

    Besides that I can log in. Do I really need to check for group name?

    Thanks,

    Phin

    "Marc Nivens [MSFT]" <marcnonline.microsoft.com> wrote in message news:<O3NbmutODHA.3408tk2msftngp13.phx.gbl>...
    > DC= should be followed by a domain DN, not a servername. If you want to
    > bind to DC1 in domain domain.com, you would use this:
    >
    > LDAP://DC1/DC=domain,DC=com
    >
    > If you use serverless binding, you would just use:
    >
    > LDAP://DC=domain,DC=com
    >
    > --
    > Marc Nivens
    > Enterprise Messaging Support
    >
    > This posting is provided "AS IS" with no warranties, and confers no rights.
    > Use of included script samples are subject to the terms specified at
    > [url]http://www.microsoft.com/info/cpyright.htm[/url]
    >
    >
    > "mrwoopey" <mrwoopey> wrote in message
    > news:e48ab325.0306241458.78b2dbdaposting.google.c om...
    > > Hi,
    > >
    > > I am using the example "Authenticate against the Active Directory by
    > > Using Forms Authentication and Visual Basic .NET":
    > >
    > > [url]http://support.microsoft.com/default.aspx?scid=KB;EN-US;326340[/url]
    > >
    > > But I am having a problem figuring out the LDAP://
    > >
    > > The LDAP:// that I pass looks like this (i substitued generic the
    > > following with generic name):
    > >
    > > Dim adPath as String =
    > > LDAP://DC=SomeDomainControllerComputerThatHasActiveDirect ory"
    > >
    > > But I am receiveing the following message when I try to log in with
    > > the example:
    > > "Error authenticating. Error authenticating user. The specified domain
    > > either does not exist or could not be contacted"
    > >
    > > How do I figure out how my "LDAP://" should look like?
    > >
    > > Thanks,
    > >
    > > Phin
    mrwoopey Guest

  3. #3

    Default Re: How do you figure out the LDAP://? ("Error authenticating. Error authenticating user. The specified domain either does not exist or could not be contacted")

    That function is probably failing because the SearchRoot used by the
    DirectorySearcher needs to be built with a specific server name and login
    credentials, much like the bind operation you did to authenticate the user
    in the first place.

    If you replace the line:

    Dim search As DirectorySearcher = New DirectorySearcher(_path)

    with:
    Dim search As DirectorySearcher = New DirectorySearcher(rootEntry)

    Where rootEntry is a DirectoryEntry object built the same way you built the
    entry to get the authentication to work, then you should be fine.

    That said, in my opinion this example from Microsoft is very flawed and
    probably should not be used. Using memberOf does not give you nested group
    membership, does not ensure that the groups are security groups and does not
    include the user's primary group. A much better solution is to use the
    tokenGroups attribute on the current user to get their full transitive
    security group membership. The trick is that this attribute returns an
    array of SID structures as byte(), so they are a bit harder to resolve back
    into names (but certainly not impossible).

    Normally, you are interested in the group names if you want to build an
    IPrincipal object in order to make role-based authorization decisions. If a
    simple authentication (in or out of the site) is adequate for your needs,
    then you could easily just skip this whole mess and be done with it.
    Normally, you need role-based authorization if certain users are allowed to
    perform certain actions that others are not and you need an easy way to
    distinguish them at runtime.

    I hope that helps,

    Joe K.

    "mrwoopey" <mrwoopey> wrote in message
    news:e48ab325.0306251041.392308b9posting.google.c om...
    > Hi Marc,
    >
    > Thanks for the tip, it worked! The thing that doesn't work now is
    > trying to find the group that the user is in ("Error obtaining group
    > names"). So, I commented out the code "adAuth.GetGroups()". Does
    > anybody know how to get "adAuth.GetGroups()" working from the example:
    >
    > [url]http://support.microsoft.com/default.aspx?scid=KB;EN-US;326340[/url]
    >
    > Besides that I can log in. Do I really need to check for group name?
    >
    > Thanks,
    >
    > Phin
    >
    > "Marc Nivens [MSFT]" <marcnonline.microsoft.com> wrote in message
    news:<O3NbmutODHA.3408tk2msftngp13.phx.gbl>...
    > > DC= should be followed by a domain DN, not a servername. If you want to
    > > bind to DC1 in domain domain.com, you would use this:
    > >
    > > LDAP://DC1/DC=domain,DC=com
    > >
    > > If you use serverless binding, you would just use:
    > >
    > > LDAP://DC=domain,DC=com
    > >
    > > --
    > > Marc Nivens
    > > Enterprise Messaging Support
    > >
    > > This posting is provided "AS IS" with no warranties, and confers no
    rights.
    > > Use of included script samples are subject to the terms specified at
    > > [url]http://www.microsoft.com/info/cpyright.htm[/url]
    > >
    > >
    > > "mrwoopey" <mrwoopey> wrote in message
    > > news:e48ab325.0306241458.78b2dbdaposting.google.c om...
    > > > Hi,
    > > >
    > > > I am using the example "Authenticate against the Active Directory by
    > > > Using Forms Authentication and Visual Basic .NET":
    > > >
    > > > [url]http://support.microsoft.com/default.aspx?scid=KB;EN-US;326340[/url]
    > > >
    > > > But I am having a problem figuring out the LDAP://
    > > >
    > > > The LDAP:// that I pass looks like this (i substitued generic the
    > > > following with generic name):
    > > >
    > > > Dim adPath as String =
    > > > LDAP://DC=SomeDomainControllerComputerThatHasActiveDirect ory"
    > > >
    > > > But I am receiveing the following message when I try to log in with
    > > > the example:
    > > > "Error authenticating. Error authenticating user. The specified domain
    > > > either does not exist or could not be contacted"
    > > >
    > > > How do I figure out how my "LDAP://" should look like?
    > > >
    > > > Thanks,
    > > >
    > > > Phin

    Joe Kaplan \(MVP - ADSI\) Guest

  4. #4

    Default Re: How do you figure out the LDAP://? ("Error authenticating. Error authenticating user. The specified domain either does not exist or could not be contacted")

    Joe,

    Thanks for your input. I'll try it!

    thanks,

    Phin
    mrwoopey Guest

  5. #5

    Default Re: How do you figure out the LDAP://? ("Error authenticating. Error authenticating user. The specified domain either does not exist or could not be contacted")

    Joe,

    Thanks for your input. I'll try it!

    thanks,

    Phin
    mrwoopey Guest

Similar Threads

  1. Getting error "The file specified in contentTag does not exist."
    By kofboat123 in forum Brainstorming Area
    Replies: 0
    Last Post: January 17th, 07:52 PM
  2. "Send for review" user error
    By user@domain.invalid in forum Macromedia Contribute General Discussion
    Replies: 3
    Last Post: April 24th, 07:26 PM
  3. ERROR: relation "table" does not exist - HELP
    By Dann Corbit in forum PostgreSQL / PGSQL
    Replies: 2
    Last Post: December 11th, 09:33 PM
  4. PCs authenticating with wrong Domain Server
    By Johnny Wright in forum Windows Server
    Replies: 2
    Last Post: June 5th, 07:24 PM
  5. Authenticating against NT 4 Domain
    By ShikariShambu in forum ASP.NET Security
    Replies: 0
    Last Post: July 24th, 02:06 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139