J
Joe User
I have a set of web pages on an AD-authenticated web site that are
supposed to allow users to modify their own AD account attributes,
limited of course to things like their email address, URL, etc. I was
hoping to connect to LDAP using secure authentication as described on
a few tech web pages, and the connection works fine but when it's time
to commit the changes with .SetInfo, the script fails with:
Active Directory error '80070005'
General access denied error
This is a terrible stumbling block for me. Is there a way to get this
working, or is there another way of doing this altogether?
Any help greatly appreciated!!!
Thanks,
Brad
Here's a code snippet...
Const ADS_PROPERTY_CLEAR = 1
Const ADS_PROPERTY_UPDATE = 2
Const ADS_SECURE_AUTHENTICATION = 1
user = Request("user") ' display name from POST data
newemail = Trim(Request("mail")) ' new email address from POST data
strUserDN =
"cn=Administrator,cn=Users,dc=network,dc=rectaltronics,dc=com"
strPassword = "IdontThinkSo"
Set objRoot = GetObject("LDAP:")
Set objDomain = _
objRoot.OpenDSObject("LDAP://dc=network,dc=rectaltronics,dc=com", _
strUserDN, strPassword, ADS_SECURE_AUTHENTICATION)
' so far, so good.
ADSPath = "LDAP://cn=" & user &
",ou=Family,dc=network,dc=rectaltronics,dc=com"
Set objUser = GetObject(ADSPath)
currentemail = objUser.Get("mail")
' still OK here, but I could do the .Get under user's creds too.
SetAttrib "mail",newemail
objUser.SetInfo
' above line is where it bombs!
supposed to allow users to modify their own AD account attributes,
limited of course to things like their email address, URL, etc. I was
hoping to connect to LDAP using secure authentication as described on
a few tech web pages, and the connection works fine but when it's time
to commit the changes with .SetInfo, the script fails with:
Active Directory error '80070005'
General access denied error
This is a terrible stumbling block for me. Is there a way to get this
working, or is there another way of doing this altogether?
Any help greatly appreciated!!!
Thanks,
Brad
Here's a code snippet...
Const ADS_PROPERTY_CLEAR = 1
Const ADS_PROPERTY_UPDATE = 2
Const ADS_SECURE_AUTHENTICATION = 1
user = Request("user") ' display name from POST data
newemail = Trim(Request("mail")) ' new email address from POST data
strUserDN =
"cn=Administrator,cn=Users,dc=network,dc=rectaltronics,dc=com"
strPassword = "IdontThinkSo"
Set objRoot = GetObject("LDAP:")
Set objDomain = _
objRoot.OpenDSObject("LDAP://dc=network,dc=rectaltronics,dc=com", _
strUserDN, strPassword, ADS_SECURE_AUTHENTICATION)
' so far, so good.
ADSPath = "LDAP://cn=" & user &
",ou=Family,dc=network,dc=rectaltronics,dc=com"
Set objUser = GetObject(ADSPath)
currentemail = objUser.Get("mail")
' still OK here, but I could do the .Get under user's creds too.
SetAttrib "mail",newemail
objUser.SetInfo
' above line is where it bombs!