Solved

IIS6 and LDAP

Posted on 2004-10-13
11
534 Views
Last Modified: 2012-06-22
I am in the process of migrating to IIS6 from 5 and am having problems with production code not running on 6. I have set NTFS permissions, IIS permissions, activated ASP, activated Parent paths, set the default scripting language to VBScript, installed SMTP service and configured LDAP Routing to point to my ADS domain. the code is:

IF Request.ServerVariables("AUTH_USER")<>"" THEN
      Set objUser = GetObject("LDAP://CN="&Request.ServerVariables("AUTH_USER")&",CN=XXXX,DC=XXXX,DC=XXXX,DC=XXXX")
      proxyaddresses = objUser.Get("proxyAddresses")
      firstone = 1
      username = objUser.Get("givenname") & " " & objUser.Get("sn")
      vunetid = Request.ServerVariables("AUTH_USER")
end if

If i do a response.write on Request.ServerVariables("AUTH_USER") I do get my authenticated user.
0
Comment
Question by:longjt
  • 6
  • 5
11 Comments
 
LVL 15

Accepted Solution

by:
deighc earned 200 total points
ID: 12306378
What exactly is your problem? Are you getting errors?

When I bind to a user in the AD I do it like this:

set objSysInfo = Server.CreateObject("ADSystemInfo")
set objUser = GetObject("LDAP://" & objSysInfo.UserName)

This uses the built in ADSystemInfo object. Reading the UserName property will give you the LDAP path to the current user in the AD. It's nice because then you know for sure that your LDAP query is correct. I've used this code on both IIS5 on Win2000 and IIS6 on Win2003 and never had any problems.

If this doesn't help let me know the exact nature of your problem.
0
 

Author Comment

by:longjt
ID: 12308580
The code looks good but I get an error from the IIS server :500. the code it is running is:

set objSysInfo = Server.CreateObject("ADSystemInfo")
set objUser = GetObject("LDAP://" & objSysInfo.UserName)
User=objUser.CN
 
the getobject is where it fails. Could it be a setting on the IIS server?
0
 
LVL 15

Expert Comment

by:deighc
ID: 12308655
> Could it be a setting on the IIS server?

Maybe. A permissions thing perhaps.

What type of Authentication is your web app using?
I've only ever used this with Integrated Authentication (sorry, I should've mentioned this earlier).
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:longjt
ID: 12308695
Yes I have Integrated Authentication set for this site, still get the error.
0
 
LVL 15

Expert Comment

by:deighc
ID: 12308733
Maybe write out the value of objSysInfo.UserName and make sure it's returning a value.

It should return a LDAP path to the current user's object in the AD.
0
 

Author Comment

by:longjt
ID: 12308765
Just did that but no go. It has to be something to do with the server.
0
 
LVL 15

Expert Comment

by:deighc
ID: 12308857
Hmmmm.

First make sure that the ADSystemInfo is being created successfully:

Response.write TypeName(objUser) should return "Object"
Response.write objUser.Name should return the name of the current user.
0
 

Author Comment

by:longjt
ID: 12308911
the TypeName(objUser) returned "Empty"
0
 
LVL 15

Expert Comment

by:deighc
ID: 12309015
That's bad...

I have no idea why that's happening. The ADSystemInfo object returns info about the local machine (in this case the web server). The UserName property returns the name of the current logged in user. Because you're using Integrated authentication this should be the name of the client user accessing the web app.

So it seems like the client user isn't correctly being authenticated via your web app.

One thing to check (and sorry if seems obvious): is Anonymous access disabled in IIS ? (it should be).
0
 

Author Comment

by:longjt
ID: 12309060
Yes, to this site it is. would it help to have the site propt for authentication?
0
 
LVL 15

Expert Comment

by:deighc
ID: 12309100
> would it help to have the site propt for authentication?

You could try it. But in my own experience I've never had problems with that code when using Integrated authentication.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
age from date of birth 4 57
Query still returning duplicates 5 49
edit .asp files 5 42
Button on Table, name table1 not working 4 33
Hello, all! I just recently started using Microsoft's IIS 7.5 within Windows 7, as I just downloaded and installed the 90 day trial of Windows 7. (Got to love Microsoft for allowing 90 days) The main reason for downloading and testing Windows 7 is t…
I would like to start this tip/trick by saying Thank You, to all who said that this could not be done, as it forced me to make sure that it could be accomplished. :) To start, I want to make sure everyone understands the importance of utilizing p…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question