Solved

How to access Active Directory information via ASP.NET page

Posted on 2014-11-17
9
112 Views
Last Modified: 2015-07-07
Greetings,

Perhaps you can help.

I am trying to capture Active Directory information such as "title" via ASP.NET page when one enters a valid "NT username" in a textbox and hits a button.

Curiously, this works in the development environment of Visual Studio 2010 when I run the project but not when I deploy to IIS(V6). I have Integrated Windows Security ticked and Enable Anonymous Access unticked. (Windows Server 2003 SP2)

My knowledge of issues such as Active Directory is scanty.

I enclose the relevant files.

Many thanks,

Mick
top.aspx
top.aspx.vb
Web.config
0
Comment
Question by:Tablecloth
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
9 Comments
 
LVL 26

Accepted Solution

by:
Shaun Kline earned 500 total points
ID: 40447379
Are you getting an error when you attempt to access AD or are you just not getting the Title value?

Depending on how AD is setup, it is possible that your general users do not have the ability to search AD. If this is the case, you would need to use impersonation to perform the search.
0
 

Author Comment

by:Tablecloth
ID: 40447400
Thanks Shaun,

That was quick!

Accessing AD is the problem: the error message is:
System.NullReferenceException: Object reference not set to an instance of an object. at Tasks.top.Button1_Click(Object sender, EventArgs e) in C:\blah blah\top.aspx.vb:line 156.

Forgive me but what does this entail:
.. you would need to use impersonation to perform the search..

(I never got a grip on these issues )
0
 

Author Comment

by:Tablecloth
ID: 40447404
line 156 = sresult = dssearch.FindOne()
0
Instantly Create Instructional Tutorials

Contextual Guidance at the moment of need helps your employees adopt to new software or processes instantly. Boost knowledge retention and employee engagement step-by-step with one easy solution.

 
LVL 26

Expert Comment

by:Shaun Kline
ID: 40448046
You can use the System.Web.Hosting.HostingEnvironment.Impersonate() for impersonation. Try using these modifications to your code:
    Try

    connection = ConfigurationManager.ConnectionStrings("ADConnection").ToString()
    Using System.Web.Hosting.HostingEnvironment.Impersonate()
        dssearch = New System.DirectoryServices.DirectorySearcher(connection)
        dssearch.Filter = "(sAMAccountName=" + UserName + ")"
        sresult = dssearch.FindOne() 'sresult = "mminehan"

Open in new window


and prior to the Catch statement add:
End Using

Open in new window


The one catch with this method is that account assigned to the application pool for your website will need permission to search your AD environment. Otherwise, the directory search will fail, and I believe it is with the NullReference exception you experienced.
0
 
LVL 14

Expert Comment

by:CtrlAltDl
ID: 40448136
You can impersonate a domain user who has permissions to the AD.  Just add this to <configuration> section of your Web.Config.

  <location path="top.aspx">
    <system.web>
      <identity impersonate="true" userName="<DOMAIN>\domainuser" password="domainuserPassword"/>
    </system.web>
  </location>

Open in new window

0
 
LVL 14

Expert Comment

by:CtrlAltDl
ID: 40448149
FYI, if you want to ask for your login and password just leave out the username and password.
  <location path="top.aspx">
    <system.web>
      <identity impersonate="true" />
    </system.web>
  </location>
                                        

Open in new window

This article describes it in detail:
http://msdn.microsoft.com/en-us/library/134ec8tc%28v=vs.100%29.aspx
0
 

Author Comment

by:Tablecloth
ID: 40449618
Thanks guys,

Unfortunately I'm getting errors ...

Incidentally, how do I ensure/ implement the observation:

"The account assigned to the application pool for your website will need permission to search your AD environment. Otherwise, the directory search will fail, and I believe it is with the NullReference exception you experienced."
error.docx
0
 
LVL 14

Expert Comment

by:CtrlAltDl
ID: 40450456
Is the "Task" sub-folder a separate web application in the IIS application pool?  In IIS right click the task sub-folder and go to Properties.  In the Directory tab, under Application settings, you need to click the Create button.

This article will describe it in more detail:
http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/b5488995-fa99-460f-96d7-29d1ddcf3fac.mspx?mfr=true
0
 
LVL 14

Expert Comment

by:CtrlAltDl
ID: 40450491
The other way to get access to the AD is setup a special Application Pool with an account that access to the AD.

http://technet.microsoft.com/en-us/library/cc757073%28v=ws.10%29.aspx

Then assign that application pool to your web application.

Disclaimer: This application pool should only be used in applications that are accessible via an Intranet.
0

Featured Post

Salesforce Made Easy to Use

On-screen guidance at the moment of need enables you & your employees to focus on the core, you can now boost your adoption rates swiftly and simply with one easy tool.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
API v SOA 8 63
RSS FEED - PROPERLY FORMATTED URL 2 59
RestClient.cs fails at (HttpWebResponse)request.GetResponse()) 4 52
GET INFO ABOUT WHAT THE PRINTER IS DOING ? 11 76
I'd like to talk about something that is near and dear to my heart: build systems. Without them, building software is all about compiling locally, with software versions everywhere. It can be a mess. Today we are going to discuss building a small di…
Introduction A frequently used term in Object-Oriented design is "SOLID" which is a mnemonic acronym that covers five principles of OO design.  These principles do not stand alone; there is interplay among them.  And they are not laws, merely princ…
Wufoo.com provides powerful tools for surveying targeted groups, and utilizing data from completed surveys to find trends, discover areas of demand or customer expectation, and make business decisions on products or services.
Learn how to set-up custom confirmation messages to users who complete your Wufoo form. Include inputs from fields in your form, webpage redirects, and more with Wufoo’s confirmation options.

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question