System.DirectoryServices and a Win NT4 Domain.

Hi, I realise this may be the wrong place but it looked closest to the right area. I am building a C# ASP.Net application that has a requirement to query our NT4 domain to check the user is in a number of defined groups (and many other things). This is the same model we have used for security for a number of years with Classic ASP and ADSI with great success. My eventually aim is to encapsulate all the old ASP ADSI functionality (or most of it) into a .Net Web Service that I can pass out to my developers. I have played with the System.DirectoryServices namespace and tried using the ActiveDS COM shim however I keep failing to get anything working :(. Is there any good guides or code samples that show you how to get started on this without going straight into the LDAP:// directory and rendering the code useless on an NT4 domain? The code I have been toying with is below For reference the app is running under Windows Auth in IIS and

Is set in the Web.Config. I have also played with setting

user.Username = "domain\\myuser";
user.Password = "mypassword";

etc. for the DirectoryEntry but without luck.

public class ADSITest : System.Web.UI.Page
{
	private void Page_Load(object sender, System.EventArgs e)
	{
		System.DirectoryServices.DirectoryEntry user = new System.DirectoryServices.DirectoryEntry("WinNT://NT4Domain/UserName,user"); 
		object groups = user.Invoke("Groups",null); 
		foreach( object group in (IEnumerable) groups) 
		{ 
			System.DirectoryServices.DirectoryEntry x = new System.DirectoryServices.DirectoryEntry(member); 
			Response.Write(x.Name); 
		} 

		System.DirectoryServices.DirectoryEntry group = new System.DirectoryServices.DirectoryEntry("WinNT://NT4Domain/GroupName,group"); 
		object members = group.Invoke("Members",null); 
		foreach( object member in (IEnumerable) members) 
		{ 
			System.DirectoryServices.DirectoryEntry x = new System.DirectoryServices.DirectoryEntry(member); 
			Response.Write(x.Name); 
		}
	}

Kind Regards, John Willis

Re: System.DirectoryServices and a Win NT4 Domain.

I don't know of any great samples for WinNT:// using System.DirectoryServices. What is the error you are getting when you run the code? For reference, you will likely not be able to use impersonation here (from web.config) because with NTLM authentication you will exceed the 1 hop limitation to delegate your request to the PDC. You will need to use .Username or .Password (or host in COM+) instead.