Solved

ASP GetObject("WinNT://") no longer works after upgrading to Windows 2003 domain

Posted on 2004-09-20
6
1,945 Views
Last Modified: 2008-01-09
I just upgraded my domain from a Windows 2000 domain to a Windows 2003 domain and now when the below code is ran from my webserver it doesn't return the requested data from Active Directory.
<%
strUser= Replace(Request.ServerVariables("LOGON_USER"), "\", "/")
On Error Resume Next
      Set xUser = GetObject("WinNT://" & strUser & ",user")
      usrUserName = xUser.Name
            usrFullname = xUser.Fullname
            nameArray = Split(usrFullname, " ", -1, 1)
            usrFirstName = nameArray(LBound(nameArray))
            usrLastName = nameArray(UBound(nameArray))
            usrPhone = xUser.Description
            For Each grp In xUser.Groups
                  If Left(grp.Name,5) = "Dept_" then
                        usrGroup = grp.Name
                  End If
            Next
      'Print to screen for testing
            Response.Write "strUser : " & strUser & "<br>"
            Response.Write "Username : " & usrUserName & "<br>"
            Response.Write "Full Name: " & usrFullname & "<br>"
            Response.Write "First Name: " & usrFirstName & "<br>"
            Response.Write "Last Name: " & usrLastName & "<br>"
            Response.Write "Description: " & usrDescription & "<br>"
            Response.Write  "Group: " & usrGroup & "<br><br>"
            For Each grp In xUser.Groups
                   Response.Write  "Group: " & grp.Name & "<br>"
            Next
%>

My Domain Controller is Windows 2003
My webserver is Windows 2000 Latest SP and updates
The user is forced to login to this page with Windows autentication ,which is how I get the user name.
The <DOMAIN>/<USERNAME> is returned just fine from the Request.ServerVariables call
The above code worked fine before I upgraded the domain, that has been the only change.
No changes were made to the Windows 2000 web server
All other aspects of my environment work fine, no errors

Please help,
JWB
0
Comment
Question by:r_hagrid
  • 2
  • 2
  • 2
6 Comments
 
LVL 15

Expert Comment

by:joeposter649
ID: 12106517
You could try creating a simple vbs file and see if it runs from the command line...

Set oUser = GetObject("WinNT://Yourdomain/Youruserid,user")
WScript.Echo(oUser.Name)
set oUser=nothing

Then try it as an asp page.
0
 

Author Comment

by:r_hagrid
ID: 12106775
Great idea joeposter649!

I did what you suggested and ran your script.vbs file from the 2000 box and it worked just fine.  It works fine from any box in my environment.
So what does that tell me?  
It isn't the GetObject is it?

So I though maybe IIS...

I moved the website from the 2000 server to a 2003 server and it works if I access it from a windows 2003 system, but not from XP or 2000 pro.  This is getting very confusing.

Maybe I need to change the way I access active directory?  Does anyone have any good examples to get the data I am refering to in the above code?

Thanks!!!
-JWB
0
 
LVL 11

Assisted Solution

by:coopzz
coopzz earned 100 total points
ID: 12108552
You may want to look up LDAP vb6 or whatever..  you can grab all this and much more. it's the newer way of achieving what your trying to do but a bit more complex.

I'll come back with some examples later.
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 15

Accepted Solution

by:
joeposter649 earned 400 total points
ID: 12108592
I'd say it's a permissions problem with iusr_machine on the 2000 box.  
Maybe you could set up a site on the IIS 2000 server that runs under your ID and see if it works there.

You could try taking out the On Error Resume Next too.  Or better yet run a really simple asp page similar to the vbs.

Wouldn't hurt to check the security logs on the exchange server too.
0
 

Author Comment

by:r_hagrid
ID: 12112115
It was the iusr accounts that were causing the problem.  Thank you so much for opening my eyes.  Who knows how long I would have gone without even checking them.

You all were great help and coopzz if you wouldn't mind posting some samples on a better way to do what I am trying I would really appreciate it.

Again thanks for your time!
-JWB
0
 
LVL 11

Expert Comment

by:coopzz
ID: 12112305
No nessacery a better way just a new way..

heres just some info I've provided somewhere else on the matter
http://www.experts-exchange.com/Web/Web_Languages/ASP/Q_21138580.html

the reason it's more complex is because your looking at you active directory structure.
theres also plenty of examples out there
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnactdir/html/BuildingADApps.asp
http://www.freevbcode.com/ShowCode.asp?ID=710
http://www.codeguru.com/forum/showthread.php?t=305150&goto=nextnewest
http://www.google.com.au/search?q=ldap+active+directory+vb

cheers have fun.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have helped a lot of people on EE with their coding sources and have enjoyed near about every minute of it. Sometimes it can get a little tedious but it is always a challenge and the one thing that I always say is:  The Exchange of information …
Have you ever needed to get an ASP script to wait for a while? I have, just to let something else happen. Or in my case, to allow other stuff to happen while I was murdering my MySQL database with an update. The Original Issue This was written…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.
I designed this idea while studying technology in the classroom.  This is a semester long project.  Students are asked to take photographs on a specific topic which they find meaningful, it can be a place or situation such as travel or homelessness.…

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now