?
Solved

Query AD from ASP.NET -  The Search Filter is invalid (unless I run the page locally)

Posted on 2012-09-21
2
Medium Priority
?
788 Views
Last Modified: 2012-09-24
Hi Experts,

Though I had this nailed, then I published my page.

Not 100% sure what to make of it...
So I'm querying AD from and ASP.NET page to get 4 user details (display name, phone, mobile & job title) and I'm filtering (or trying to filter on user_login id which is held in a session variable.

Code below runs perfectly locally but once I publish the page I get The Search filter is invalid message, can someone explain what the problem is / help me out. Many TIA

CODE BEHIND

using System;
using System.Configuration;
using System.DirectoryServices;


public partial class AD_GK_Default6 : System.Web.UI.Page
{
    
    protected void Page_Load(object sender, EventArgs e)
    {
        System.Security.Principal.IPrincipal user;

        user = System.Web.HttpContext.Current.User;

        System.Security.Principal.IIdentity identity;

        identity = user.Identity;

        Session["username"] = identity.Name.Substring(identity.Name.IndexOf(@"\") + 1);
   

        DirectoryEntry de = new DirectoryEntry(ConfigurationManager.AppSettings.Get("ADPath")); 
        de.Username = ConfigurationManager.AppSettings.Get("ADServiceAccount"); 
        de.Password = ConfigurationManager.AppSettings.Get("ADServiceAccountPassword");
        de.AuthenticationType = AuthenticationTypes.FastBind;

        DirectorySearcher dssearch = new DirectorySearcher(de);

        dssearch.Filter = "(CN=" + Session["username"].ToString() + ")";

        SearchResult sresult = dssearch.FindOne();

        DirectoryEntry dsresult = sresult.GetDirectoryEntry();

        lblfname.Text = dsresult.Properties["displayName"][0].ToString();

        lbltitle.Text = dsresult.Properties["title"][0].ToString();

        lbllname.Text = dsresult.Properties["telephonenumber"][0].ToString();

        lblemail.Text = dsresult.Properties["mobile"][0].ToString();

   }  
}

Open in new window


PAGE CODE
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
    <title></title>
</head>
<body>
   <form id="form1" runat="server">

<div>

<table>

<tr>

<td align="right">



</td>

<td>

<asp:Label ID="lblfname" runat="server" Font-Bold="true"></asp:Label>  

</td>

</tr>

<tr>

<td align="right">



</td>

<td>

<asp:Label ID="lbltitle" runat="server" Font-Bold="true"></asp:Label>  

</td>

</tr>


<tr>

<td align="right">



</td>

<td>

<asp:Label ID="lbllname" runat="server" Font-Bold="true"></asp:Label>  

</td>

</tr>

<tr>

<td align="right">



</td>

<td>

<asp:Label ID="lblemail" runat="server" Font-Bold="true"></asp:Label>  

</td>

</tr>

</table>

</div>

</form>
</body>
</html>

Open in new window

0
Comment
Question by:forsters
2 Comments
 
LVL 20

Accepted Solution

by:
informaniac earned 2000 total points
ID: 38424298
Does your virtual directory have Anonymous access on for the authentication? If yes please remove it and try.
0
 

Author Comment

by:forsters
ID: 38428267
Ah of course, yes you got me! Thanks so much.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Suggested Courses

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question