?
Solved

Can not search LDAP Directory Services get errors  like "The parameter is incorrect" and "Unspecified error".

Posted on 2006-03-29
6
Medium Priority
?
1,872 Views
Last Modified: 2012-06-22
I am trying to use Microsoft dot Net (C#) to connect to my company directory services. Found a freeware tool "Softerra LDAP Browser" that I can use to connect with no problem. When I try to connect from my Web program using Microsoft "DirectoryServices", however, I am always getting error messages like "The parameter is incorrect" and "Unspecified error". Think that the problem has to do with the fact that in ASP.Net I am using the Internet Guest Account (USR_*) instead of my own account, and this account does not have authentication to the LDAP server. Trying to get around this problem by using my account for authentication, but have not had any luck so far. Also I am worried that my access might be blocked somehow but IT policies on my personal computer which has their version of Windows. Have run into this problem in the past where something that works on my server does not work on my PC. Problem is I do not have my new server yet.

If any of this makes sense to you I would really appreciate any help you might give me.
 
0
Comment
Question by:wsfindlater
  • 3
  • 2
6 Comments
 
LVL 14

Assisted Solution

by:existenz2
existenz2 earned 800 total points
ID: 16329781
An error like "The parameter is incorrect" suggests that you are connected to the LDAP server, but that you are performing a query which is not possible or trying to access something with bad parameters.
0
 
LVL 20

Accepted Solution

by:
ihenry earned 1200 total points
ID: 16333224
You can do a whois look up to know who is authenticated using Http.Current.User.Identity.Name (or Thread.CurrentThread.CurrentPrincipal). With anonymous access enable, you will get either ASPNET (or 'NT AUTHORITY\Network Service' for Win2K3) or IUSR_<machine> account depending on whether or not impersonation is enabled. On the other hand, if you disable anonymous access and enable Integrated Windows Authentication, the expression will return the name of the user, e.g. domain\username.

Some another things to look at is to run nslookup.exe and see if it can resolve the domain name. Also, check whether your network enforces kerberos delegation. If that the case, the domain user, IIS, the PC, browser must be trusted for delegation. And lastly, please post the piece of code that's giving the problem, maybe someone could see something unobviously wrong in it.

Henry
0
 

Author Comment

by:wsfindlater
ID: 16334783
This is my code:


using System;
using System.Collections;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Web;
using System.Web.SessionState;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.HtmlControls;
using System.DirectoryServices;
using System.IO;

namespace DirectoryServices
{
      /// <summary>
      /// Summary description for WebForm1.
      /// </summary>
      public class WebForm1 : System.Web.UI.Page
      {

            private void Page_Load(object sender, System.EventArgs e)
            {
                  try
                  {
//                        string LDAPServerName = "ldap://ldap.directory.ray.com:389/ou=person,o=raytheon.com,c=us??base?(uid=hac61882)";
                        string LDAPServerName = "ldap://ldap.directory.ray.com:389/ou=person,o=raytheon.com,c=us";
                        DirectoryEntry entry = new DirectoryEntry(LDAPServerName);
//                        entry.Username = "uid=HAC61882,ou=employee,ou=person,o=raytheon.com,c=US";
//                        entry.Username = "uid=HAC61882";
//                        entry.Password = "";
//                        entry.AuthenticationType = AuthenticationTypes.Secure;
                        entry.AuthenticationType = AuthenticationTypes.Anonymous;
                        DirectorySearcher mySearcher = new DirectorySearcher(entry);
                        mySearcher.PropertiesToLoad.Add("nickName");
                        SearchResultCollection results;
                        mySearcher.Filter = "(uid=HAC61882)";
                        results = mySearcher.FindAll();
                        foreach(SearchResult resEnt in results)
                        {
                              ResultPropertyCollection propcoll=resEnt.Properties;
                              foreach(string key in propcoll.PropertyNames)
                              {
                                    foreach(object values in propcoll[key])
                                    {
                                          Response.Write(values.ToString());
                                    }
                              }
                        }
                  }
                  catch(Exception e1)
                  {
                        LogTrace("WebForm1.aspx.cs","Page_Load,Error,e1=" + e1.Message);
                  }
            }
            #region Web Form Designer generated code
            override protected void OnInit(EventArgs e)
            {
                  //
                  // CODEGEN: This call is required by the ASP.NET Web Form Designer.
                  //
                  InitializeComponent();
                  base.OnInit(e);
            }
            
            /// <summary>
            /// Required method for Designer support - do not modify
            /// the contents of this method with the code editor.
            /// </summary>
            private void InitializeComponent()
            {    
                  this.Load += new System.EventHandler(this.Page_Load);

            }
            #endregion
            private void LogTrace (string Catagory, string szMyString )
            {
                  if (Trace.IsEnabled)
                  {
                        Trace.Write(Catagory,szMyString);
                        StreamWriter wrter = File.AppendText ( MapPath("log.csv") );
                        wrter.Write( DateTime.Now.ToShortTimeString() + "," +
                              DateTime.Now.Ticks.ToString("d") + "," + Catagory + "," + szMyString + "\n" );
                        wrter.Flush();
                        wrter.Close();
                  }
            }

      }
}
0
Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

 
LVL 20

Assisted Solution

by:ihenry
ihenry earned 1200 total points
ID: 16339344
The LDAP provider is case sensitive and needs to be upper case.

string LDAPServerName = "LDAP://ldap.directory.ray.com:389/ou=person,o=raytheon.com,c=us";

Henry
0
 

Author Comment

by:wsfindlater
ID: 16343770
Found out from a college of mine the Microsoft Directory Services does not support Novell LDAP (sufficiently).
Had to use a special .dll that Novell has created to support .Net "Novell.Directory.Ldap.dll"

This can be found at:

   http://www.novell.com/coolsolutions/feature/11204.html

Nevertheless, thanks for your efforts.

0
 
LVL 20

Expert Comment

by:ihenry
ID: 16343964
mm..I'm not sure how valid the statement is. I have seen people (including myself) used System.DirectoryServices with non Microsoft LDAP directory servers, e.g. Novell eDirectory, iPlanet, etc to do normal user management tasks without any problem.
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For those of you who don't follow the news, or just happen to live under rocks, Microsoft Research released a beta SDK (http://www.microsoft.com/en-us/download/details.aspx?id=27876) for the Xbox 360 Kinect. If you don't know what a Kinect is (http:…
A long time ago (May 2011), I have written an article showing you how to create a DLL using Visual Studio 2005 to be hosted in SQL Server 2005. That was valid at that time and it is still valid if you are still using these versions. You can still re…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an anti-spam), the admin…
With just a little bit of  SQL and VBA, many doors open to cool things like synchronize a list box to display data relevant to other information on a form.  If you have never written code or looked at an SQL statement before, no problem! ...  give i…
Suggested Courses

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question