Solved

LDAP Suddenly Stopped Working

Posted on 2010-11-18
Last Modified: 2012-05-10
We've had LDAP working for 3 years from a computer that was on the domain and from one that was not. We moved the one that was not into the computer groups for that domain (we joined the domain). We have 3 domains; only the mother domain is able to be successfully contacted for LDAP lookups. The satellite domains give this error:

        System.Runtime.InteropServices.COMException (0x8007052E): Logon failure: unknown user name or bad password.
           at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
           at System.DirectoryServices.DirectoryEntry.Bind()
           at System.DirectoryServices.DirectoryEntry.get_AdsObject()
           at System.DirectoryServices.DirectorySearcher.FindAll(Boolean findMoreThanOne)
           at System.DirectoryServices.DirectorySearcher.FindOne()

Here is the code that is giving me this hard time in vb.net. Keep in mind this used to all work before the past weekend. This question is worth 500 points.

        ' Bind to the LDAP server with the user name and password typed into the form.
        Dim Entry As New System.DirectoryServices.DirectoryEntry("LDAP://" & tbLdapServer.Text, tbUserName.Text, tbPassword.Text)
        Entry.AuthenticationType = DirectoryServices.AuthenticationTypes.None
        Dim Searcher As New System.DirectoryServices.DirectorySearcher(Entry)
        ' Search by SAMAccountName and load only the cn attribute.
        Searcher.Filter = "(SAMAccountName=" & tbDomainName.Text & tbUserName.Text & ")"
        Searcher.PropertiesToLoad.Add("cn")
        Dim Result As System.DirectoryServices.SearchResult = Nothing
        Try
            Result = Searcher.FindOne
            ' FindOne returns Nothing when no entry matches the filter.
            If Result Is Nothing Then
                lblTextUserNameAndPasswordResults.Text = "No matching entry found"
            Else
                lblTextUserNameAndPasswordResults.Text = "Success:" & Result.Path
            End If
        Catch ex As Exception
            ' Show the exception and every inner exception in the result label.
            Dim exString As String = ex.ToString
            While Not ex.InnerException Is Nothing
                exString += ex.InnerException.ToString
                ex = ex.InnerException
            End While
            lblTextUserNameAndPasswordResults.Text = exString
        End Try

I've tried running this code every which way. I am using the logged-in user's username and password to check their authentication. It crashes at the FindOne line.
0
Question by:FishmanTobin
4 Comments
 
LVL 5

Expert Comment

by:ina_don
ID: 34169060
Can you check and ensure that the username and password are using the domain\username & password for the domain that the machine has been joined to?

Also check the permissions that you have on the machine since adding it to the domain. Which LDAP server are you using? Have you looked at the documentation for similar scenarios and what to expect?
0
 

Author Comment

by:FishmanTobin
ID: 34172700
After more trial and error based on your suggestions, I've got it partially working and the problem becomes a little clearer. OK, I have Domains A, B, C. B & C trust A. I can use a user from Domain A as the LDAP user name and password to look up a user that exists only on Domain B or C. The way it worked before things failed was I would pass Domain B info to Domain B: a Domain B user name and password for users only on that domain. So what is happening now is I can look up users on Domain B, but I have to use a Domain A user account to get LDAP connectivity. Why is this happening and how can we fix that?
0
 

Accepted Solution

by:
FishmanTobin earned 0 total points
ID: 34464751
The solution was that you have to add the domain prefix when doing the LDAP lookup. Before we added it to the domain there was no prefix, but now that it automatically appends the main domain prefix, we have to manually tweak the LDAP query to use the correct domain name we are checking against.
0
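
One way to apply the accepted solution, as an added example that is not the poster's code: the bind user name is always sent domain-qualified, so a domain-joined client cannot fall back to its own domain, and the value placed in the search filter is escaped. The module and function names, the `netbiosDomain` parameter and the use of `AuthenticationTypes.Secure` are assumptions; the project needs a reference to System.DirectoryServices.

```vbnet
Imports System.DirectoryServices
Imports System.Text

Module LdapLookupExample
    ' Escape a value for use inside an LDAP search filter (RFC 4515).
    Function EscapeLdapFilterValue(value As String) As String
        Dim sb As New StringBuilder()
        For Each c As Char In value
            Select Case c
                Case "\"c : sb.Append("\5c")
                Case "*"c : sb.Append("\2a")
                Case "("c : sb.Append("\28")
                Case ")"c : sb.Append("\29")
                Case ChrW(0) : sb.Append("\00")
                Case Else : sb.Append(c)
            End Select
        Next
        Return sb.ToString()
    End Function

    ' Prefix the target domain unless the caller already supplied
    ' DOMAIN\user or user@domain (hypothetical helper).
    Function QualifyUserName(netbiosDomain As String, userName As String) As String
        If userName.Contains("\") OrElse userName.Contains("@") Then Return userName
        Return netbiosDomain & "\" & userName
    End Function

    ' Returns the ADsPath of the account, or Nothing when no entry matches.
    Function FindUserPath(ldapServer As String, netbiosDomain As String,
                          userName As String, password As String) As String
        Dim bindUser As String = QualifyUserName(netbiosDomain, userName)
        ' Search on the UPN when one was given, otherwise on the bare account name.
        Dim isUpn As Boolean = userName.Contains("@")
        Dim account As String = userName.Substring(userName.IndexOf("\"c) + 1)
        Dim attr As String = If(isUpn, "userPrincipalName", "sAMAccountName")
        ' Secure uses Negotiate (Kerberos/NTLM). AuthenticationTypes.None is a
        ' simple bind, which sends the password in clear text over plain LDAP.
        Using entry As New DirectoryEntry("LDAP://" & ldapServer, bindUser,
                                          password, AuthenticationTypes.Secure)
            Using searcher As New DirectorySearcher(entry)
                searcher.Filter = "(" & attr & "=" & EscapeLdapFilterValue(account) & ")"
                searcher.PropertiesToLoad.Add("cn")
                Dim result As SearchResult = searcher.FindOne()
                Return If(result Is Nothing, Nothing, result.Path)
            End Using
        End Using
    End Function
End Module
```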
 

Author Closing Comment

by:FishmanTobin
ID: 34505845
There were not sufficient comments on this and we solved it ourselves.
0
