«

I'm using the walkthrough described in
http://msdn.microsoft.com/library/de...SecNetHT02.asp

and I followed step by step.

However, when I try with a valid AD account/password combination the code
always throws an exception in the line


Object obj = entry.NativeObject;

The full exception message is:

"System.Runtime.InteropServices.COMException (0x8007202B): A referral was
returned from the server\r\n at
System.DirectoryServices.DirectoryEntry.Bind(Boole an throwIfFail)\r\n at
System.DirectoryServices.DirectoryEntry.Bind()\r\n at
System.DirectoryServices.DirectoryEntry.get_Native Object()\r\n at
AdminBuros.DAL.LDAPAuthentication.IsAuthenticated( String domain, String
username, String pwd) in
c:\\administracionburos\\dal\\adminburos.dal\\ldap authentication.cs:line 38"

If I try with an invalid AD account/password, arises another exception:

"System.Runtime.InteropServices.COMException (0x8007052E): Logon failure:
unknown user name or bad password\r\n at
System.DirectoryServices.DirectoryEntry.Bind(Boole an throwIfFail)\r\n at
System.DirectoryServices.DirectoryEntry.Bind()\r\n at
System.DirectoryServices.DirectoryEntry.get_Native Object()\r\n at
AdminBuros.DAL.LDAPAuthentication.IsAuthenticated( String domain, String
username, String pwd) in
c:\\administracionburos\\dal\\adminburos.dal\\ldap authentication.cs:line 38"


My environment is a development environment, AD in a Windows 2000 Server and
my ASP.NET application running in XP Pro SP2 machine. The <processmodel>
setting in machine.config is configured to : SYSTEM.
The setting :
<identity impersonate="true" />
is present in my web.config file.

The IIS virtual directory is configured as an IIS application with :

-Execute Permissions : Script Only
-Application Protection : Medium (Pooled)
-Authentication Methods:
* Anonymous Access, configured with a valid domain account. The MSDN article
I mentioned does not specify if this account could be a domain or local
account, just that it has to be a less privileged account.
* Integrated Windows Authentication

The code from the MSDN article was copied to a C# class type .NET project,
which in turn is called by an ASP.NET web form which makes a project type
reference to the class project.
I've not tried the code from a windows form application however.

Can somebody give me a hint about what's happening?

Best regards.

Lino i have been using Forms Auth with AD and its been working well for me
after some struggles with it(What i had to change
in the MSDN code was that it couldn't retrieve GROUPS but it can
authenticate)
HAve you set the right Authentication mode in the IIS for the Directory..
Make sure it has Windows Auth and try again..
If problem still persist let me know..
PAtrick

"Lino Garcia" <> wrote in message
news:79098DA3-8917-4603-B94A-...
> I'm using the walkthrough described in
>
http://msdn.microsoft.com/library/de...SecNetHT02.asp
>
> and I followed step by step.
>
> However, when I try with a valid AD account/password combination the code
> always throws an exception in the line
>
>
> Object obj = entry.NativeObject;
>
> The full exception message is:
>
> "System.Runtime.InteropServices.COMException (0x8007202B): A referral was
> returned from the server\r\n at
> System.DirectoryServices.DirectoryEntry.Bind(Boole an throwIfFail)\r\n at
> System.DirectoryServices.DirectoryEntry.Bind()\r\n at
> System.DirectoryServices.DirectoryEntry.get_Native Object()\r\n at
> AdminBuros.DAL.LDAPAuthentication.IsAuthenticated( String domain, String
> username, String pwd) in
> c:\\administracionburos\\dal\\adminburos.dal\\ldap authentication.cs:line
38"
>
> If I try with an invalid AD account/password, arises another exception:
>
> "System.Runtime.InteropServices.COMException (0x8007052E): Logon failure:
> unknown user name or bad password\r\n at
> System.DirectoryServices.DirectoryEntry.Bind(Boole an throwIfFail)\r\n at
> System.DirectoryServices.DirectoryEntry.Bind()\r\n at
> System.DirectoryServices.DirectoryEntry.get_Native Object()\r\n at
> AdminBuros.DAL.LDAPAuthentication.IsAuthenticated( String domain, String
> username, String pwd) in
> c:\\administracionburos\\dal\\adminburos.dal\\ldap authentication.cs:line
38"
>
>
> My environment is a development environment, AD in a Windows 2000 Server
and
> my ASP.NET application running in XP Pro SP2 machine. The <processmodel>
> setting in machine.config is configured to : SYSTEM.
> The setting :
> <identity impersonate="true" />
> is present in my web.config file.
>
> The IIS virtual directory is configured as an IIS application with :
>
> -Execute Permissions : Script Only
> -Application Protection : Medium (Pooled)
> -Authentication Methods:
> * Anonymous Access, configured with a valid domain account. The MSDN
article
> I mentioned does not specify if this account could be a domain or local
> account, just that it has to be a less privileged account.
> * Integrated Windows Authentication
>
> The code from the MSDN article was copied to a C# class type .NET project,
> which in turn is called by an ASP.NET web form which makes a project type
> reference to the class project.
> I've not tried the code from a windows form application however.
>
> Can somebody give me a hint about what's happening?
>
> Best regards.
>