Last post Apr 28, 2006 12:16 PM by dunnry
Apr 27, 2006 03:13 AM|mse3|LINK
I'm having trouble getting a valid domain user added to a local machine group. I've got a good DirectoryEntry object all loaded up with a domain user and a good one also for the local group, but when I try to add it to a local machine group (just my dev
box for now) I get the following error:
[COMException (0x80005000): An invalid directory pathname was passed]
Right now, I'm using the WinNT provider for getting the local machine group but I'm using the LDAP provider for the user object -- and that seems like not so good an idea. I'm thinking that I'm mixing apples and oranges here?
So should I be finding the local security group using the same provider (LDAP) or is this some insidious security problem? (I've got impersonation on in the web.config and set to use Windows Auth.)
Any tips would be much appreciated.
Apr 27, 2006 09:49 AM|dunnry|LINK
Apr 27, 2006 10:51 PM|mse3|LINK
Thanks, Ryan. That worked great.
A follow-up question: How would you create the user's WinNT binding string on the fly? Just to get it working, I did:
But I'd prefer not to make an assumption about the user's domain like that. What do you think is the most reliable way to determine the user's NT Domain? I didn't see an obvious property on the AD object to leverage...
Apr 28, 2006 12:16 PM|dunnry|LINK