Ask a Question related to ASP.NET Security, Design and Development.
-
Alberto Ortega #1
Impersonate + AD
Hi, I've got a difficult situation...
Is a website that runs on IIS with Anonymous Authentication, the tag
<identity impersonate="false"> on the Web.config file. So the thread is
executed by user "NT AUTHORITY".
So when I use AD API ( FindOne() ) it works well.
The point is that when I impersonate that user by code (that works well too)
when I execute that function from the AD API it returns an error:
{"Operation Error" } [System.Runtime.InteropServices.COMException]:
{System.Runtime.InteropServices.COMException} System.Object:
{System.Runtime.InteropServices.COMException} _className: null
_COMPlusExceptionCode: -532459699 _exceptionMethod:
{System.Reflection.RuntimeMethodInfo} _exceptionMethodString: null _helpURL:
null _HResult: -2147016672 _innerException: { } _message: "Operation Error"
_remoteStackIndex: 0 _remoteStackTraceString: null _source:
"System.DirectoryServices" _stackTrace: {System.Array} _stackTraceString: "
at System.DirectoryServices.DirectoryEntry.Bind(Boole an throwIfFail)\r\n at
System.DirectoryServices.DirectoryEntry.Bind()\r\n at
System.DirectoryServices.DirectoryEntry.get_AdsObj ect()\r\n at
System.DirectoryServices.DirectorySearcher.FindAll (Boolean
findMoreThanOne)\r\n at
System.DirectoryServices.DirectorySearcher.FindOne ()\r\n at
Banelco.CSB.DNN.Providers.ActiveDirectory.LdapAuth entication.GetUser(String
username)" _xcode: -532459699 _xptrs: 0 HelpLink: null HResul
Thanks
Alberto Ortega
Alberto Ortega Guest
-
Asp.net impersonate
I don't think impersonation loads the user profile of the account being impersonated. If you think about it, that would make impersonation very... -
To Be or To Impersonate, that is the Question
Alrighty, my continued foray into accessing network resources from the web server continues... When employees hit the intranet ASP.NET... -
DirectoryEntry Impersonate or WindowsIdentity Impersonate?
Another security question. Our project interfaces with the Active Directory. To satisfy the security issues, we have a couple options when we talk... -
impersonate
Hi all, I create a aspnet web app for my company. I set it up on a win2000 server with IIS5 as a intranet app. For security, I want to restrict... -
Impersonate at runtime
Hi, I want to move my files from web servers to a shared folder on the database server. For this I impersonate the aspnet user to common... -
mpes #2 Re: Impersonate + AD
I could have had a similar problem, try to check:
[url]http://support.microsoft.com/default.aspx?scid=kb;en-us;329986[/url]
[url]http://msdn.microsoft.com/library/default.asp?url=/library/en-us/sds/sds/tro[/url]
ubleshooting_authentication_problems_on_asp_pages. asp?frame=true
Martin
"Alberto Ortega" <beto@NOSPAMTOMEsouthworks.net> wrote in message
news:#J0xZo0HFHA.4060@TK2MSFTNGP14.phx.gbl...too)> Hi, I've got a difficult situation...
> Is a website that runs on IIS with Anonymous Authentication, the tag
> <identity impersonate="false"> on the Web.config file. So the thread is
> executed by user "NT AUTHORITY".
> So when I use AD API ( FindOne() ) it works well.
> The point is that when I impersonate that user by code (that works well_helpURL:> when I execute that function from the AD API it returns an error:
>
> {"Operation Error" } [System.Runtime.InteropServices.COMException]:
> {System.Runtime.InteropServices.COMException} System.Object:
> {System.Runtime.InteropServices.COMException} _className: null
> _COMPlusExceptionCode: -532459699 _exceptionMethod:
> {System.Reflection.RuntimeMethodInfo} _exceptionMethodString: nullError"> null _HResult: -2147016672 _innerException: { } _message: "Operation"> _remoteStackIndex: 0 _remoteStackTraceString: null _source:
> "System.DirectoryServices" _stackTrace: {System.Array} _stackTraceString:at> at System.DirectoryServices.DirectoryEntry.Bind(Boole an throwIfFail)\r\nBanelco.CSB.DNN.Providers.ActiveDirectory.LdapAuth entication.GetUser(String> System.DirectoryServices.DirectoryEntry.Bind()\r\n at
> System.DirectoryServices.DirectoryEntry.get_AdsObj ect()\r\n at
> System.DirectoryServices.DirectorySearcher.FindAll (Boolean
> findMoreThanOne)\r\n at
> System.DirectoryServices.DirectorySearcher.FindOne ()\r\n at
>> username)" _xcode: -532459699 _xptrs: 0 HelpLink: null HResul
>
>
> Thanks
>
> Alberto Ortega
>
>
mpes Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
