Solved

LDAP Suddenly Stopped Working

Posted on 2010-11-18
4
754 Views
Last Modified: 2012-05-10
We've had LDAP working for 3 years from a computer that was on the domain and from one that was not.  We moved the one that was not into the computer groups for that domain (we joined the domain).  We have 3 domains  only the mother domain is able to be successfully contacted for LDAP lookups.  The satellite domains give this error:         System.Runtime.InteropServices.COMException (0x8007052E): Logon failure: unknown user name or bad password. at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail) at System.DirectoryServices.DirectoryEntry.Bind() at System.DirectoryServices.DirectoryEntry.get_AdsObject() at System.DirectoryServices.DirectorySearcher.FindAll(Boolean findMoreThanOne) at System.DirectoryServices.DirectorySearcher.FindOne()

Here is the code that is giving me this hard time in vb.net:  keep in mind this used to all work before the past weekend.  This question is worth 500  points.

       Dim Entry As New System.DirectoryServices.DirectoryEntry("LDAP://" & tbLdapServer.Text, tbUserName.Text, tbPassword.Text)
        Entry.AuthenticationType = DirectoryServices.AuthenticationTypes.None
        Dim Searcher As New System.DirectoryServices.DirectorySearcher(Entry)
        Searcher.Filter = "(SAMAccountName=" & tbDomainName.Text & tbUserName.Text & ")"
        Searcher.PropertiesToLoad.Add("cn")
        Dim Result As System.DirectoryServices.SearchResult = Nothing
        Try
            Result = Searcher.FindOne
            lblTextUserNameAndPasswordResults.Text = "Success:" & Result.Path
        Catch ex As Exception
            Dim exString As String = ex.ToString
            While Not ex.InnerException Is Nothing
                exString += ex.InnerException.ToString
                ex = ex.InnerException
            End While
            lblTextUserNameAndPasswordResults.Text = exString
        End Try

I've tried running this code every which way, I am using the log in users username and password to check their authentication.  It crashes at the FineOne line.
0
Comment
Question by:FishmanTobin
  • 3
4 Comments
 
LVL 5

Expert Comment

by:ina_don
Comment Utility
Can you check and ensure that the username and password as using the domain\username & password for the domain that the machine has been joined to.

Also check the permissions that you have on the machine since adding it to the domain. Which LDAP Server are you using? Have you looked at the documentation for similar scenarios and what to expect.
0
 

Author Comment

by:FishmanTobin
Comment Utility
After more trial an error based on your suggestions, I've got it partially working and the problem becomes a little clearer.  Ok, I have Domain A, B, C .  B & C Trust A,  I can use a user from Domain A as the LDAP user name and password to look up a user that exists only on Domain B or C.  The way it worked before things failed was I would pass Domain B info to Domain B a Domain B user name and password for users only on that domain.  So what is happening now is I can look up users on Domain B but I have to use a Domain A user account to get LDAP connectivity. Why is this happening and how can we fix that?
0
 

Accepted Solution

by:
FishmanTobin earned 0 total points
Comment Utility
The solution was that you have to add the domain prefix when doing the LDAP lookup.  Before we added it to the domain there was no prefix but now that it automatically appends the main domain prefix we have to manually tweek the LDAP query to use the correct domain name we are checking against.
0
 

Author Closing Comment

by:FishmanTobin
Comment Utility
There we not sufficient comments on this and we solved it ourselves.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

The password reset disk is often mentioned as the best solution to deal with the lost Windows password problem. In Windows 2008, 7, Vista and XP, a password reset disk can be easily created. But besides Windows 7/Vista/XP, Windows Server 2008 and ot…
Entering time in Microsoft Access can be difficult. An input mask often bothers users more than helping them and won't catch all typing errors. This article shows how to create a textbox for 24-hour time input with full validation politely catching …
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now