Ask a Question related to ASP.NET Security, Design and Development.
-
Arthur Penn #1
Unable to read Active Directory data from a web part - Unknown error (0x80005000)
I've read a number of other postings trying to deal with this problem,
but none of the suggestions worked. I developed a SharePoint 2003
portal locally and built a web part for it that reads user data from
Active Directory. It works fine deployed to the SPS server in our
domain--the DC is on a separate machine from SPS, and I can even cross
domains and read the user data from other trusted domains locally.
When I restored the portal at the client site and deployed the web
part, the part fails to read data from Active Directory and gets the
following error:
Exception Details: System.Runtime.InteropServices.COMException:
Unknown error (0x80005000)
[COMException (0x80005000): Unknown error (0x80005000)]
System.DirectoryServices.DirectoryEntry.Bind(Boole an throwIfFail)
+512
System.DirectoryServices.DirectoryEntry.Bind() +10
System.DirectoryServices.DirectoryEntry.get_AdsObj ect() +10
System.DirectoryServices.DirectorySearcher.FindAll (Boolean
findMoreThanOne) +198
System.DirectoryServices.DirectorySearcher.FindAll () +10
Namespace.SharePoint.WebPartCode.findUsers(Directo ryEntry root)
Here are some relevant points about the environment and things I
tried:
1) The SPS server is a member server of the domain we are trying to
pull AD from, but is not a DC.
2) We audited directory info access on the DC the code should have
been hitting, and it does not log any entries when it fails. This
leads me to believe that it is a problem on the SPS server and not the
double-hop issue.
3) The SPS portal's web config has the following entries:
<authentication mode="Windows" />
<authorization>
<allow users="*" />
</authorization>
<identity impersonate="true" />
4) The domain the SPS server is in runs in native mode.
5) The web part passes credentials to the DirectoryEntry object to use
in performing the retrieval. We elevated the permissions of the passed
account to a domain admin, but this did not help. Relevant code
sections are as follows:
a) Get the DirectoryEntry object and pass the credentials specified in
the web part properties page:
DirectoryEntry root;
try
{
root = new DirectoryEntry(adPath,
this._adUserName, this._adPassword, AuthenticationTypes.Delegation);
b) Create the DirectorySearcher object and execute the LDAP query from
the web part properties:
DirectorySearcher searcher = new
DirectorySearcher(root);
SearchResultCollection results;
searcher.ServerTimeLimit = TimeSpan.FromMinutes(5);
searcher.Filter =
"(&(objectClass=user)(objectCategory=person)(manag er=*))";
searcher.PropertiesToLoad.Add("cn");
searcher.PageSize = 800;
try
{
results = searcher.FindAll(); // error occurs
here
Does anyone have any ideas? It seems that the code cannot access the
AD COM objects underneath the System.DirectoryServices objects on the
local machine, but I don't know what to do to fix it.
Thanks so much for your time.
Arthur Penn Guest
-
Active Directory authority needed in SharePoint Web Part
I've been working on a Web Part that can update Active Directory for some time. I'm trying to give SharePoint administrators the ability to add... -
#25921 [Opn->Bgs]: Unable to handle Active Directory referals (W2k3)
ID: 25921 Updated by: sniper@php.net Reported By: bugs dot php dot net at phrenetic dot to -Status: Open... -
#25921 [Opn]: Unable to handle Active Directory referals (W2k3)
ID: 25921 User updated by: bugs dot php dot net at phrenetic dot to Reported By: bugs dot php dot net at phrenetic dot to... -
#25921 [NEW]: Unable to handle Active Directory referals (W2k3)
From: bugs dot php dot net at phrenetic dot to Operating system: RedHat 7.1 PHP version: 4.3.3 PHP Bug Type: LDAP related... -
Please help with this error: Warning: Unknown(): A session is active.
Hi! I've searched high and low for this on the net but stil haven't found an answer. I'm trying to install both postnuke and xoops on a win2k... -
Stefan Falk #2 Re: Unable to read Active Directory data from a web part - Unknown error (0x80005000)
Hello Arthur,
i have a very similar problem. Seems as if AD searching from ASP.NET works
only occasionally.
My setup is as follows: An ASP.NET web service should query AD about the
SMTP address of a user and send mail to him/her. My Windows XP development
machine with local IIS successfully queries AD on our Windows 2003 DC.
However, at the customer's site, the Windows 2000 IIS seems not to try to
query the Windows 2000 DC (nothing logged on the DCs despite logging turned
on). DirectorySearcher.FindOne simply returns nothing without any error
logged.
I have searched MSDN library to no avail. Seems to me as if many developers
have this kind of problem but noone has an answer.
Do you have something new about the topic?
Greetings,
Stefan Falk
Stefan Falk Guest
-
Joe Kaplan \(MVP - ADSI\) #3 Re: Unable to read Active Directory data from a web part - Unknown error (0x80005000)
Can you post your code? Have you read this article?
[url]http://support.microsoft.com/default.aspx?scid=kb;en-us;329986[/url]
These problems with System.DirectoryServices are generally caused by
security context issues and the use of default credentials and/or serverless
binding with a non-domain account.
Joe K.
"Stefan Falk" <nothing@nospam.com> wrote in message
news:u%23mHQB91DHA.1700@TK2MSFTNGP12.phx.gbl...turned> Hello Arthur,
>
> i have a very similar problem. Seems as if AD searching from ASP.NET works
> only occasionally.
>
> My setup is as follows: An ASP.NET web service should query AD about the
> SMTP address of a user and send mail to him/her. My Windows XP development
> machine with local IIS successfully queries AD on our Windows 2003 DC.
> However, at the customer's site, the Windows 2000 IIS seems not to try to
> query the Windows 2000 DC (nothing logged on the DCs despite loggingdevelopers> on). DirectorySearcher.FindOne simply returns nothing without any error
> logged.
>
> I have searched MSDN library to no avail. Seems to me as if many> have this kind of problem but noone has an answer.
>
> Do you have something new about the topic?
>
> Greetings,
> Stefan Falk
>
>
Joe Kaplan \(MVP - ADSI\) Guest
-
Stefan Falk #4 Re: Unable to read Active Directory data from a web part - Unknown error (0x80005000)
Hello Joe,
have warmest thanks for your tip. I wasn't aware of the double-hop issue
mentioned in the KB article. In fact, i have no idea about why i haven't
found that article on my own. So thank you very much again.
Greetings,
Stefan
Stefan Falk Guest
-
Krish Shenoy[MSFT] #5 Re: Unable to read Active Directory data from a web part - Unknown error (0x80005000)
0x80005000 is E_ADS_BAD_PATHNAME
# An invalid directory pathname was passed
"Stefan Falk" <nothing@nospam.com> wrote in message
news:u%23mHQB91DHA.1700@TK2MSFTNGP12.phx.gbl...turned> Hello Arthur,
>
> i have a very similar problem. Seems as if AD searching from ASP.NET works
> only occasionally.
>
> My setup is as follows: An ASP.NET web service should query AD about the
> SMTP address of a user and send mail to him/her. My Windows XP development
> machine with local IIS successfully queries AD on our Windows 2003 DC.
> However, at the customer's site, the Windows 2000 IIS seems not to try to
> query the Windows 2000 DC (nothing logged on the DCs despite loggingdevelopers> on). DirectorySearcher.FindOne simply returns nothing without any error
> logged.
>
> I have searched MSDN library to no avail. Seems to me as if many> have this kind of problem but noone has an answer.
>
> Do you have something new about the topic?
>
> Greetings,
> Stefan Falk
>
>
Krish Shenoy[MSFT] Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
