Solved

Can't retrieve Full User Name from Active Directory

Posted on 2004-10-07
5
2,043 Views
Last Modified: 2008-01-09
For the past few days I've been trying to use Asp.net to get the full user name of a user logged onto an intranet website.  I've disabled anonomous access and enabled integrated windows authentication.  I'm able to get the logon name with Request.ServerVariables["LOGON_USER"], and have added <identity impersonate="true" /> to web.config.  After trying many different examples I finally got the following code to return the Full User name in Visual Studios debug mode, but when I try to use the same code from IIS the GetFullName function returns "System.Runtime.InteropServices.COMException (0x80070035):"  Does anyone have any idea how to get this running?


private void Page_Load(object sender, System.EventArgs e)
            {
                  
                  Label1.Text = GetFullName(Request.ServerVariables["LOGON_USER"].ToString());

            }

            private string GetFullName(string strLogin)
            {
                  string str = "";
                  // Parse the string to check if domain name is present.
                  int idx = strLogin.IndexOf('\\');
                  if (idx == -1)
                  {
                        idx = strLogin.IndexOf('@');
                  }

                  string strDomain;
                  string strName;

                  if (idx != -1)
                  {
                        strDomain = strLogin.Substring(0, idx);
                        strName = strLogin.Substring(idx+1);
                  }
                  else
                  {
                        strDomain = Environment.MachineName;
                        strName = strLogin;
                  }

                  DirectoryEntry obDirEntry = null;
                  try
                  {
                        obDirEntry = new DirectoryEntry("WinNT://" + strDomain + "/" + strName);
                        System.DirectoryServices.PropertyCollection  coll = obDirEntry.Properties;
                        object obVal = coll["FullName"].Value;
                        str = obVal.ToString();
                                                                return str;
                  }
                  catch (Exception ex)
                  {
                        str = "";
                        return "Error: "+ex;
                  }
                  
            }                        
0
Comment
Question by:Lee_IT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 20

Expert Comment

by:ihenry
ID: 12275890

Hi Lee_IT

I need some more information,
1. Have you tried to run the code not from a web project? try a console or winform project to test.
2. Is the IIS running on the same machine with AD?
3. Is your login account is set as trusted for delegation in AD
4. Version of IE?
5. Is "Integrated Windows Authentication" in IE advanced setting enabled?
5. What is the full error message? please post the exception stack trace as well

My initial suggestion would be to try this quick test
1. Change the IIS authentication method to Basic and leave the anonymous access uncheck.
2. Use a client machine to browse the aspx page, and supply domain credentials when prompted.
0
 

Author Comment

by:Lee_IT
ID: 12279254

1.  Yes, it works fine from a windows application
2.  No
3.  Yes
4.  6.0
5.  Yes
6.  The full error is as follows:

System.Runtime.InteropServices.COMException (0x80070035): The network path was not found at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail) at System.DirectoryServices.DirectoryEntry.Bind() at System.DirectoryServices.DirectoryEntry.get_AdsObject() at System.DirectoryServices.PropertyValueCollection.PopulateList() at System.DirectoryServices.PropertyValueCollection..ctor(DirectoryEntry entry, String propertyName) at System.DirectoryServices.PropertyCollection.get_Item(String propertyName) at Forms.WebForm2.GetFullName(String strLogin) in c:\documents and settings\jdoe\vswebcache\johnd850\leeweb\forms\webform2.aspx.cs:line 77

I tried changing authentication mode from Integrated to basic and it worked, however, I'd like to keep it in Windows Integrated Authentication if at all possible.










System.Runtime.InteropServices.COMException (0x80070035): The network path was not found at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail) at System.DirectoryServices.DirectoryEntry.Bind() at System.DirectoryServices.DirectoryEntry.get_AdsObject() at System.DirectoryServices.PropertyValueCollection.PopulateList() at System.DirectoryServices.PropertyValueCollection..ctor(DirectoryEntry entry, String propertyName) at System.DirectoryServices.PropertyCollection.get_Item(String propertyName) at Forms.WebForm2.GetFullName(String strLogin) in c:\documents and settings\csullivan\vswebcache\chriss850\leeweb\forms\webform2.aspx.cs:line 77
0
 
LVL 20

Accepted Solution

by:
ihenry earned 500 total points
ID: 12295811
Check if you miss out any of the settings below

http://support.microsoft.com/default.aspx?scid=kb;en-us;810572
0
 
LVL 20

Expert Comment

by:ihenry
ID: 12331782

Hello Lee_IT

Do you manage to get it working?
0
 

Author Comment

by:Lee_IT
ID: 12405989
Managed to get it working, thanks for the help.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

User art_snob (http://www.experts-exchange.com/M_6114203.html) encountered strange behavior of Android Web browser on his Mobile Web site. It took a while to find the true cause. It happens so, that the Android Web browser (at least up to OS ver. 2.…
Introduction This article shows how to use the open source plupload control to upload multiple images. The images are resized on the client side before uploading and the upload is done in chunks. Background I had to provide a way for user…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question