L
Lino Garcia
Hi,
I'm using the walkthrough described in
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetHT02.asp
and I followed step by step.
However, when I try with a valid AD account/password combination the code
always throws an exception in the line
Object obj = entry.NativeObject;
The full exception message is:
"System.Runtime.InteropServices.COMException (0x8007202B): A referral was
returned from the server\r\n at
System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)\r\n at
System.DirectoryServices.DirectoryEntry.Bind()\r\n at
System.DirectoryServices.DirectoryEntry.get_NativeObject()\r\n at
AdminBuros.DAL.LDAPAuthentication.IsAuthenticated(String domain, String
username, String pwd) in
c:\\administracionburos\\dal\\adminburos.dal\\ldapauthentication.cs:line 38"
If I try with an invalid AD account/password, arises another exception:
"System.Runtime.InteropServices.COMException (0x8007052E): Logon failure:
unknown user name or bad password\r\n at
System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)\r\n at
System.DirectoryServices.DirectoryEntry.Bind()\r\n at
System.DirectoryServices.DirectoryEntry.get_NativeObject()\r\n at
AdminBuros.DAL.LDAPAuthentication.IsAuthenticated(String domain, String
username, String pwd) in
c:\\administracionburos\\dal\\adminburos.dal\\ldapauthentication.cs:line 38"
My environment is a development environment, AD in a Windows 2000 Server and
my ASP.NET application running in XP Pro SP2 machine. The <processmodel>
setting in machine.config is configured to : SYSTEM.
The setting :
<identity impersonate="true" />
is present in my web.config file.
The IIS virtual directory is configured as an IIS application with :
-Execute Permissions : Script Only
-Application Protection : Medium (Pooled)
-Authentication Methods:
* Anonymous Access, configured with a valid domain account. The MSDN article
I mentioned does not specify if this account could be a domain or local
account, just that it has to be a less privileged account.
* Integrated Windows Authentication
The code from the MSDN article was copied to a C# class type .NET project,
which in turn is called by an ASP.NET web form which makes a project type
reference to the class project.
I've not tried the code from a windows form application however.
Can somebody give me a hint about what's happening?
Best regards.
I'm using the walkthrough described in
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetHT02.asp
and I followed step by step.
However, when I try with a valid AD account/password combination the code
always throws an exception in the line
Object obj = entry.NativeObject;
The full exception message is:
"System.Runtime.InteropServices.COMException (0x8007202B): A referral was
returned from the server\r\n at
System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)\r\n at
System.DirectoryServices.DirectoryEntry.Bind()\r\n at
System.DirectoryServices.DirectoryEntry.get_NativeObject()\r\n at
AdminBuros.DAL.LDAPAuthentication.IsAuthenticated(String domain, String
username, String pwd) in
c:\\administracionburos\\dal\\adminburos.dal\\ldapauthentication.cs:line 38"
If I try with an invalid AD account/password, arises another exception:
"System.Runtime.InteropServices.COMException (0x8007052E): Logon failure:
unknown user name or bad password\r\n at
System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)\r\n at
System.DirectoryServices.DirectoryEntry.Bind()\r\n at
System.DirectoryServices.DirectoryEntry.get_NativeObject()\r\n at
AdminBuros.DAL.LDAPAuthentication.IsAuthenticated(String domain, String
username, String pwd) in
c:\\administracionburos\\dal\\adminburos.dal\\ldapauthentication.cs:line 38"
My environment is a development environment, AD in a Windows 2000 Server and
my ASP.NET application running in XP Pro SP2 machine. The <processmodel>
setting in machine.config is configured to : SYSTEM.
The setting :
<identity impersonate="true" />
is present in my web.config file.
The IIS virtual directory is configured as an IIS application with :
-Execute Permissions : Script Only
-Application Protection : Medium (Pooled)
-Authentication Methods:
* Anonymous Access, configured with a valid domain account. The MSDN article
I mentioned does not specify if this account could be a domain or local
account, just that it has to be a less privileged account.
* Integrated Windows Authentication
The code from the MSDN article was copied to a C# class type .NET project,
which in turn is called by an ASP.NET web form which makes a project type
reference to the class project.
I've not tried the code from a windows form application however.
Can somebody give me a hint about what's happening?
Best regards.