Solved

LDAP Suddenly Stopped Working

Posted on 2010-11-18
Last Modified: 2012-05-10
We've had LDAP working for 3 years from a computer that was on the domain and from one that was not. We moved the one that was not into the computer groups for that domain (we joined the domain). We have 3 domains; only the mother domain is able to be successfully contacted for LDAP lookups. The satellite domains give this error:

        System.Runtime.InteropServices.COMException (0x8007052E): Logon failure: unknown user name or bad password.
           at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
           at System.DirectoryServices.DirectoryEntry.Bind()
           at System.DirectoryServices.DirectoryEntry.get_AdsObject()
           at System.DirectoryServices.DirectorySearcher.FindAll(Boolean findMoreThanOne)
           at System.DirectoryServices.DirectorySearcher.FindOne()

Here is the VB.NET code that is giving me this hard time. Keep in mind this all used to work before the past weekend. This question is worth 500 points.

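        ' Bind to the LDAP server with the credentials typed into the form.
        Dim Entry As New System.DirectoryServices.DirectoryEntry("LDAP://" & tbLdapServer.Text, tbUserName.Text, tbPassword.Text)
        ' AuthenticationTypes.None makes the LDAP provider use a simple bind.
        Entry.AuthenticationType = DirectoryServices.AuthenticationTypes.None
        Dim Searcher As New System.DirectoryServices.DirectorySearcher(Entry)
        Searcher.Filter = "(SAMAccountName=" & tbDomainName.Text & tbUserName.Text & ")"
        Searcher.PropertiesToLoad.Add("cn")
        Dim Result As System.DirectoryServices.SearchResult = Nothing
        Try
            ' The bind happens lazily, so a logon failure surfaces from FindOne.
            Result = Searcher.FindOne
            If Result Is Nothing Then
                ' FindOne returns Nothing when no entry matches the filter.
                lblTextUserNameAndPasswordResults.Text = "No matching user found"
            Else
                lblTextUserNameAndPasswordResults.Text = "Success:" & Result.Path
            End If
        Catch ex As Exception
            ' Show the exception together with all of its inner exceptions.
            Dim exString As String = ex.ToString
            While Not ex.InnerException Is Nothing
                exString += ex.InnerException.ToString
                ex = ex.InnerException
            End While
            lblTextUserNameAndPasswordResults.Text = exString
        End Try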

I've tried running this code every which way. I am using the logged-in user's username and password to check their authentication. It crashes at the FindOne line.
Question by:FishmanTobin
 
Expert Comment

by:ina_don
ID: 34169060
Can you check and ensure that the username and password are using the domain\username and password for the domain that the machine has been joined to?

Also check the permissions that you have on the machine since adding it to the domain. Which LDAP server are you using? Have you looked at the documentation for similar scenarios and what to expect?
 

Author Comment

by:FishmanTobin
ID: 34172700
After more trial and error based on your suggestions, I've got it partially working and the problem becomes a little clearer. OK, I have Domains A, B, and C. B and C trust A. I can use a user from Domain A as the LDAP user name and password to look up a user that exists only on Domain B or C. The way it worked before things failed was I would pass Domain B info to Domain B a Domain B user name and password for users only on that domain. So what is happening now is I can look up users on Domain B, but I have to use a Domain A user account to get LDAP connectivity. Why is this happening and how can we fix that?
 

Accepted Solution

by:
FishmanTobin earned 0 total points
ID: 34464751
The solution was that you have to add the domain prefix when doing the LDAP lookup. Before we added it to the domain there was no prefix, but now that it automatically appends the main domain prefix we have to manually tweak the LDAP query to use the correct domain name we are checking against.
0
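The fix described in the accepted solution, sketched as an added example (not the poster's code): the bind user name is prefixed with the domain being checked, and the typed account name is escaped per RFC 4515 before it goes into the search filter. The module and function names are hypothetical, the DOMAIN\user form is one assumed way of supplying the prefix, and AuthenticationTypes.Secure is substituted for the original None.

```vbnet
Imports System.DirectoryServices
Imports System.Text

Module LdapLookup
    ' Hypothetical helper: prefix the account with the domain being checked,
    ' unless the caller already supplied DOMAIN\user or user@domain.
    Function QualifyUserName(domain As String, user As String) As String
        If user.Contains("\") OrElse user.Contains("@") Then Return user
        Return domain & "\" & user
    End Function

    ' Hypothetical helper: escape the RFC 4515 special characters so typed
    ' input cannot change the structure of the search filter.
    Function EscapeLdapFilterValue(value As String) As String
        Dim sb As New StringBuilder()
        For Each c As Char In value
            Select Case c
                Case "\"c : sb.Append("\5c")
                Case "*"c : sb.Append("\2a")
                Case "("c : sb.Append("\28")
                Case ")"c : sb.Append("\29")
                Case ChrW(0) : sb.Append("\00")
                Case Else : sb.Append(c)
            End Select
        Next
        Return sb.ToString()
    End Function

    ' Binds to the target domain's server as DOMAIN\user and returns the
    ' user's directory path, or Nothing when no entry matches.
    Function FindUserPath(server As String, domain As String,
                          user As String, password As String) As String
        Dim bindName As String = QualifyUserName(domain, user)
        ' sAMAccountName holds the bare account name, so drop any prefix or suffix.
        Dim account As String = user.Substring(user.LastIndexOf("\"c) + 1).Split("@"c)(0)
        ' Assumption: Secure (negotiated) authentication instead of the original None.
        Using entry As New DirectoryEntry("LDAP://" & server, bindName, password,
                                          AuthenticationTypes.Secure)
            Using searcher As New DirectorySearcher(entry)
                searcher.Filter = "(sAMAccountName=" & EscapeLdapFilterValue(account) & ")"
                searcher.PropertiesToLoad.Add("cn")
                Dim result As SearchResult = searcher.FindOne() ' the bind happens here
                Return If(result Is Nothing, Nothing, result.Path)
            End Using
        End Using
    End Function
End Module
```

A bad password still raises the COMException (0x8007052E) from FindOne, so callers should catch it and treat it as a failed logon rather than as a missing user.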
 

Author Closing Comment

by:FishmanTobin
ID: 34505845
There were not sufficient comments on this and we solved it ourselves.

Question has a verified solution.