Solved

error '80072020' ASP Webpage

Posted on 2008-10-07
6
3,140 Views
Last Modified: 2013-12-24
Hi experts,

I am trying to do a query to active directory with the following code:

but I always get error '80072020'
at this line of code: Set oUser = GetObject("LDAP://" & sysInfo.Username)

I do not use anonymous access in IIS and am using Windows Authentication.
How do I get around this problem?

Thanks
public function authorizeUser()
   Dim sysInfo, oUser
   Dim group
   Dim ok 
		
   ok = false
		
   Set sysInfo = CreateObject("ADSystemInfo")
 
   Set oUser = GetObject("LDAP://" & sysInfo.Username)
 
   for each oGroupName in oUser.memberOf
      group = left(oGroupName,instr(oGroupName,",")-1)
      group = right(group, len(group) - 3)
	if group = "Adminstrators" then
	   ok = true
	end if
   next
end function

Open in new window

0
Comment
Question by:maloriopolium
  • 2
  • 2
6 Comments
 
LVL 7

Expert Comment

by:Norush
ID: 22666890
0
 

Author Comment

by:maloriopolium
ID: 22667678
Thanks Norush,

The article seems to suggest that I need to tick the check box that says allow anonymous access in IIS. Would this be correct?
Also once I do that, does the default anonymous user have access rights to AD? How would I go about finding an account that has access rights to AD?
I'm just a bit confused.
0
 
LVL 7

Accepted Solution

by:
Norush earned 250 total points
ID: 22668120
The problem is that your web page is running under the context of iUSR_Servername and does not have access rights.

Meaning that if you would make this user part of the administrator group it would work.
But making the user an administrator is a very bad idea for security reasons.

The article found heres will learn you how to overcome this:
http://www.serverwatch.com/tutorials/article.php/1476961
http://www.serverwatch.com/tutorials/article.php/1478231
http://www.serverwatch.com/tutorials/article.php/1482281
0
 

Author Comment

by:maloriopolium
ID: 22675887
>The problem is that your web page is running under the context of iUSR_Servername and does not >have access rights.

Hmmm, but I am using Integrated Windows Authentication at the moment. I would have thought this means the web page is running under the context of whoever is logged into the computer?


0
 
LVL 2

Assisted Solution

by:rmorreau
rmorreau earned 250 total points
ID: 23159956
Is this question still active?  Is this mean for ASP or ASP.NET?

The token available at the server when using Integrated Windows Authentication does not permit those credentials to be used to access another service requiring credentials.  Have a search online for the double hop problem.

What you want to do is possible however, but it requires some additional steps to be completed.  You need to enable your web server to delegate credentials to the domain controllers (or ADAM service) in your environment.  A search for kerberos delegation (or constrained delegation) will help point you in the right direction there.

The system I've got this running in is using .NET Web Services and we also enable the impersonate option, its been ages since I worked with classic ASP you may or may not need to perform something equivalent to get this working.

Hope that helps
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Shadow IT is coming out of the shadows as more businesses are choosing cloud-based applications. It is now a multi-cloud world for most organizations. Simultaneously, most businesses have yet to consolidate with one cloud provider or define an offic…
As technology users and professionals, we’re always learning. Our universal interest in advancing our knowledge of the trade is unmatched by most industries. It’s a curiosity that makes sense, given the climate of change. Within that, there lies a…
Video by: Steve
Using examples as well as descriptions, step through each of the common simple join types, explaining differences in syntax, differences in expected outputs and showing how the queries run along with the actual outputs based upon a simple set of dem…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question