Solved

IIS6 and LDAP

Posted on 2004-10-13
11
530 Views
Last Modified: 2012-06-22
I am in the process of migrating to IIS6 from 5 and am having problems with production code not running on 6. I have set NTFS permissions, IIS permissions, activated ASP, activated Parent paths, set the default scripting language to VBScript, installed SMTP service and configured LDAP Routing to point to my ADS domain. the code is:

IF Request.ServerVariables("AUTH_USER")<>"" THEN
      Set objUser = GetObject("LDAP://CN="&Request.ServerVariables("AUTH_USER")&",CN=XXXX,DC=XXXX,DC=XXXX,DC=XXXX")
      proxyaddresses = objUser.Get("proxyAddresses")
      firstone = 1
      username = objUser.Get("givenname") & " " & objUser.Get("sn")
      vunetid = Request.ServerVariables("AUTH_USER")
end if

If i do a response.write on Request.ServerVariables("AUTH_USER") I do get my authenticated user.
0
Comment
Question by:longjt
  • 6
  • 5
11 Comments
 
LVL 15

Accepted Solution

by:
deighc earned 200 total points
ID: 12306378
What exactly is your problem? Are you getting errors?

When I bind to a user in the AD I do it like this:

set objSysInfo = Server.CreateObject("ADSystemInfo")
set objUser = GetObject("LDAP://" & objSysInfo.UserName)

This uses the built in ADSystemInfo object. Reading the UserName property will give you the LDAP path to the current user in the AD. It's nice because then you know for sure that your LDAP query is correct. I've used this code on both IIS5 on Win2000 and IIS6 on Win2003 and never had any problems.

If this doesn't help let me know the exact nature of your problem.
0
 

Author Comment

by:longjt
ID: 12308580
The code looks good but I get an error from the IIS server :500. the code it is running is:

set objSysInfo = Server.CreateObject("ADSystemInfo")
set objUser = GetObject("LDAP://" & objSysInfo.UserName)
User=objUser.CN
 
the getobject is where it fails. Could it be a setting on the IIS server?
0
 
LVL 15

Expert Comment

by:deighc
ID: 12308655
> Could it be a setting on the IIS server?

Maybe. A permissions thing perhaps.

What type of Authentication is your web app using?
I've only ever used this with Integrated Authentication (sorry, I should've mentioned this earlier).
0
Courses: Start Training Online With Pros, Today

Brush up on the basics or master the advanced techniques required to earn essential industry certifications, with Courses. Enroll in a course and start learning today. Training topics range from Android App Dev to the Xen Virtualization Platform.

 

Author Comment

by:longjt
ID: 12308695
Yes I have Integrated Authentication set for this site, still get the error.
0
 
LVL 15

Expert Comment

by:deighc
ID: 12308733
Maybe write out the value of objSysInfo.UserName and make sure it's returning a value.

It should return a LDAP path to the current user's object in the AD.
0
 

Author Comment

by:longjt
ID: 12308765
Just did that but no go. It has to be something to do with the server.
0
 
LVL 15

Expert Comment

by:deighc
ID: 12308857
Hmmmm.

First make sure that the ADSystemInfo is being created successfully:

Response.write TypeName(objUser) should return "Object"
Response.write objUser.Name should return the name of the current user.
0
 

Author Comment

by:longjt
ID: 12308911
the TypeName(objUser) returned "Empty"
0
 
LVL 15

Expert Comment

by:deighc
ID: 12309015
That's bad...

I have no idea why that's happening. The ADSystemInfo object returns info about the local machine (in this case the web server). The UserName property returns the name of the current logged in user. Because you're using Integrated authentication this should be the name of the client user accessing the web app.

So it seems like the client user isn't correctly being authenticated via your web app.

One thing to check (and sorry if seems obvious): is Anonymous access disabled in IIS ? (it should be).
0
 

Author Comment

by:longjt
ID: 12309060
Yes, to this site it is. would it help to have the site propt for authentication?
0
 
LVL 15

Expert Comment

by:deighc
ID: 12309100
> would it help to have the site propt for authentication?

You could try it. But in my own experience I've never had problems with that code when using Integrated authentication.
0

Featured Post

Gigs: Get Your Project Delivered by an Expert

Select from freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Classic ASP - SQL Server connection problem 5 65
Update field in order 21 140
IP API - need data... 4 23
Passing Parameter to Stored Procedure 4 23
I recently decide that I needed a way to make my pages scream on the net.   While searching around how I can accomplish this I stumbled across a great article that stated "minimize the server requests." I got to thinking, hey, I use more than one…
Have you ever needed to get an ASP script to wait for a while? I have, just to let something else happen. Or in my case, to allow other stuff to happen while I was murdering my MySQL database with an update. The Original Issue This was written…
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …
In a recent question (https://www.experts-exchange.com/questions/28997919/Pagination-in-Adobe-Acrobat.html) here at Experts Exchange, a member asked how to add page numbers to a PDF file using Adobe Acrobat XI Pro. This short video Micro Tutorial sh…

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question