Hi, I realise this may be the wrong place but it looked closest to the right area. I am building a C# ASP.Net application that has a requirement to query our NT4 domain to check the user is in a number of defined groups (and many other things). This is the
same model we have used for security for a number of years with Classic ASP and ADSI with great success. My eventually aim is to encapsulate all the old ASP ADSI functionality (or most of it) into a .Net Web Service that I can pass out to my developers. I
have played with the System.DirectoryServices namespace and tried using the ActiveDS COM shim however I keep failing to get anything working :(. Is there any good guides or code samples that show you how to get started on this without going straight into the
LDAP:// directory and rendering the code useless on an NT4 domain? The code I have been toying with is below… For reference the app is running under Windows Auth in IIS and
Is set in the Web.Config. I have also played with setting
public class ADSITest : System.Web.UI.Page
{
private void Page_Load(object sender, System.EventArgs e)
{
System.DirectoryServices.DirectoryEntry user = new System.DirectoryServices.DirectoryEntry("WinNT://NT4Domain/UserName,user");
object groups = user.Invoke("Groups",null);
foreach( object group in (IEnumerable) groups)
{
System.DirectoryServices.DirectoryEntry x = new System.DirectoryServices.DirectoryEntry(member);
Response.Write(x.Name);
}
System.DirectoryServices.DirectoryEntry group = new System.DirectoryServices.DirectoryEntry("WinNT://NT4Domain/GroupName,group");
object members = group.Invoke("Members",null);
foreach( object member in (IEnumerable) members)
{
System.DirectoryServices.DirectoryEntry x = new System.DirectoryServices.DirectoryEntry(member);
Response.Write(x.Name);
}
}
I don't know of any great samples for WinNT:// using System.DirectoryServices. What is the error you are getting when you run the code? For reference, you will likely not be able to use impersonation here (from web.config) because with NTLM authentication you
will exceed the 1 hop limitation to delegate your request to the PDC. You will need to use .Username or .Password (or host in COM+) instead.
DJWillis
Member
5 Points
1 Post
System.DirectoryServices and a Win NT4 Domain.
Oct 27, 2003 10:07 AM|LINK
public class ADSITest : System.Web.UI.Page { private void Page_Load(object sender, System.EventArgs e) { System.DirectoryServices.DirectoryEntry user = new System.DirectoryServices.DirectoryEntry("WinNT://NT4Domain/UserName,user"); object groups = user.Invoke("Groups",null); foreach( object group in (IEnumerable) groups) { System.DirectoryServices.DirectoryEntry x = new System.DirectoryServices.DirectoryEntry(member); Response.Write(x.Name); } System.DirectoryServices.DirectoryEntry group = new System.DirectoryServices.DirectoryEntry("WinNT://NT4Domain/GroupName,group"); object members = group.Invoke("Members",null); foreach( object member in (IEnumerable) members) { System.DirectoryServices.DirectoryEntry x = new System.DirectoryServices.DirectoryEntry(member); Response.Write(x.Name); } }Kind Regards, John Willisdunnry
Star
9098 Points
1806 Posts
Re: System.DirectoryServices and a Win NT4 Domain.
Oct 27, 2003 01:41 PM|LINK
Weblog
The Book
LDAP Programming Help