Last post Dec 08, 2009 05:09 PM by wtroom
Dec 08, 2009 02:48 PM|safzal1212
I am using LDAP to authenticate users against Active Directory using the following code:
Imports System.DirectoryServices

Dim serverPath, ActiveDirectorySearchPath As String
serverPath = "LDAP://XWI11222.corp.xyz.com"
ActiveDirectorySearchPath = "LDAP://dn=dev.ABCMed,dn=COM,OU= Application Accounts;"
' Bind to the directory with the credentials the user supplied
Dim dirEnt As DirectoryEntry = New DirectoryEntry(serverPath, strUserName, strPassword)
Dim mySearcher As DirectorySearcher = New DirectorySearcher(dirEnt)
mySearcher.Filter = "(&(objectClass=user)(samaccountname=" & strUserName & "))"
' FindOne() returns Nothing when no entry matches the filter
Dim result As SearchResult = mySearcher.FindOne()
If result IsNot Nothing Then
    strUserName = CStr(result.GetDirectoryEntry().Properties.Item("cn").Value)
    blnValidUser = True
End If
Now the problem is that when I run this code through my code it works fine, but when I deploy the code to the test server it starts giving me the error "The server is not operational".
Any idea why it's giving that error?
Dec 08, 2009 03:12 PM|wtroom
What user context is the application running under when it's deployed to the server? It may not be working because the account that the application is running under on the deployed server doesn't have access to your LDAP server. It may be running under the anonymous IIS account, whereas on your machine it may be running under your credentials.
Sometimes errors are misleading; I've had problems like that before and usually got an error similar to yours when dealing with LDAP queries.
Even if you have identity impersonate set to true, by the time the application goes to query the LDAP server it will be running under the context of the application pool (because it's an additional "hop"), which could be Network Service or another system account.
Just something to think about.
Dec 08, 2009 04:44 PM|safzal1212
Thanks for your reply. You are right, it's running under the anonymous IIS account. Can you tell me what the solution for that is? I tried running ldp.exe on my test server and it gives me an error:
0x0 = ldap_unbind(ld);
ld = cldap_open("18.104.22.168", 389);
Established connection to 22.214.171.124.
Retrieving base DSA information...
Server error: <empty>
Error<94>: ldap_parse_result failed: No result present in message
Getting 0 entries:
Dec 08, 2009 05:09 PM|wtroom
Well, without knowing your entire environment, I can't provide a great solution. However, what you can do is create an application pool in your IIS server and have that application pool run under a domain security account that has access to your LDAP server.
Then set the website that needs to query LDAP to run under the application pool you just created.
Sorry I can't be of much more assistance. These issues are sometimes difficult to solve without being involved in the environment. The best advice I can give is to make sure your authentication is set up correctly via application pools, domain accounts, web.config, network IPs, etc.