Solved

Asp.Net getting users UPN from Active Directory

Posted on 2013-02-06
3
271 Views
Last Modified: 2013-11-18
Hi..
Running a .net web app and am truing to get the currently logged in users User Principal Name from AD.

I'm using the System.DirectoryServices.AccountManagement.UserPrincipal.Current property to achieve this...

I understand that I need to run the application as a user that has read access to AD, but am not sure how my web.conf file should be set up to achieve this..

I currently have...

<identity impersonate="true"
                   userName="domain\someuser"
                   password="somepass"/>

... in my web.conf and the nominated user has read access to AD, the problem is that it always reports this users UPN and not the user that's actually running the application...

I know this is a bit obvious, but I'm struggling to get the web application to run in the context as the actual user who is calling the application..

If I remove the userName/password from that tag, i get the following error...
"System.DirectoryServices.DirectoryServicesCOMException"

Can someone de-mystify this for me please??

Thanks in advance..
0
Comment
Question by:jcm4101
  • 2
3 Comments
 
LVL 19

Expert Comment

by:Rimvis
ID: 38862975
Hi jcm4101,

Do you have authentication mode set to Windows?

Check "Configuring Windows Authentication" section:
http://msdn.microsoft.com/en-us/library/ff647405.aspx
0
 

Author Comment

by:jcm4101
ID: 38862996
HI, thanks for your reply...

I can confirm that the relavent bits of my web.conf now look like this..
<system.web>
        <authentication mode="Windows"/>
        <identity impersonate="true"/>
...
...
...

</system.web>

This results in the exception below being thrown...
System.DirectoryServices.DirectoryServicesCOMException: An operations error occurred.

Thanks again

D
0
 
LVL 19

Accepted Solution

by:
Rimvis earned 500 total points
ID: 38863061
Have you checked that anonymous access is disabled in IIS configuration?


What are you trying to do when you get an error? Can you show the code?
0

Featured Post

Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In my previous two articles we discussed Binary Serialization (http://www.experts-exchange.com/A_4362.html) and XML Serialization (http://www.experts-exchange.com/A_4425.html). In this article we will try to know more about SOAP (Simple Object Acces…
Today I had a very interesting conundrum that had to get solved quickly. Needless to say, it wasn't resolved quickly because when we needed it we were very rushed, but as soon as the conference call was over and I took a step back I saw the correct …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question