Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Security > Using Active Directory

Reply
Thread Tools

Using Active Directory

 
 
scsharma
Guest
Posts: n/a
 
      09-19-2005
Hi,
I am new to active directory world but based on what i know i am trying to
achieve following:
1. Look for user/groups on a windows 2000 machine which is not a PDC(primary
domain controller). I created Directory entry object as follows:
DirectoryEntry group = new
DirectoryEntry("LDAP://CN=guests,DC=XXX.XXX.XX.X");
where "X" is actual IP Address of machine.

I ran into issues where i got exception saying "A referral was returned
from the server" when following line was executed:
object members = group.Invoke("Members",null);
I am not sure if i can query PDC to look for users/groups on some other
machine running in same domain. Can some one verify if that's possible. If
yes then can you please direct me.

2. I am trying to create a user interface which will allow user to create a
subdirectory on machine running windows 2000 machine. Please note that my
application would be running on windows XP. Using my UI user will, specify
the ipaddress of windows 2000 on which finally subfolder will be created and
users from that machines would be given permission on those folders.
Is above requirement possible using C# in .net.
--
Thanks
SCS
 
Reply With Quote
 
 
 
 
Steven Cheng[MSFT]
Guest
Posts: n/a
 
      09-20-2005
Hi Sharmasu,

Welcome to ASPNET newsgroup.
Regarding on the two questions you mentioned, here are some of my
suggestions;
1. For AD query, generally there may occur some secuirty related issues
when performing AD query in ASP.NET application since the security context
in asp.net is different from desktop apps like winform or console. So I
think we can first try testing the same code in winform or console app with
proper logon user to see whethe the same rpoblem occurs. If the same
problem remain, that means this is a AD specific problem, I'd recommend you
try posting in the public.ADSI or public .ADSI.general newsgroup.

2. Do you means you'd like to allow your asp.net application to create new
directory on remote machine? If so, I'm afraid this is not quite a good
idea since we need to consider many security things in such scenario.
First, for manipulate directory on remote machine, we'll need to expose the
remote directory (at least the most top level directory) through UNC share
or WebDav share. Then, we can access or modify that directory from the
asp.net application on separate machine. Also, we need to grant the
ASP.NET's process identity the sufficient permissions on the remote
macine(for that remote shared folder).

Thanks,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)





--------------------
| Thread-Topic: Using Active Directory
| thread-index: AcW9XPjaG4kI1EAVQtG9u1BTsm403A==
| X-WBNR-Posting-Host: 12.109.44.8
| From: "=?Utf-8?B?c2NzaGFybWE=?=" <(E-Mail Removed)>
| Subject: Using Active Directory
| Date: Mon, 19 Sep 2005 13:59:05 -0700
| Lines: 25
| Message-ID: <(E-Mail Removed)>
| MIME-Version: 1.0
| Content-Type: text/plain;
| charset="Utf-8"
| Content-Transfer-Encoding: 7bit
| X-Newsreader: Microsoft CDO for Windows 2000
| Content-Class: urn:content-classes:message
| Importance: normal
| Priority: normal
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
| Newsgroups: microsoft.public.dotnet.framework.aspnet.security
| NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
| Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA03.phx.gbl
| Xref: TK2MSFTNGXA01.phx.gbl
microsoft.public.dotnet.framework.aspnet.security: 6627
| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
|
| Hi,
| I am new to active directory world but based on what i know i am trying
to
| achieve following:
| 1. Look for user/groups on a windows 2000 machine which is not a
PDC(primary
| domain controller). I created Directory entry object as follows:
| DirectoryEntry group = new
| DirectoryEntry("LDAP://CN=guests,DC=XXX.XXX.XX.X");
| where "X" is actual IP Address of machine.
|
| I ran into issues where i got exception saying "A referral was returned
| from the server" when following line was executed:
| object members = group.Invoke("Members",null);
| I am not sure if i can query PDC to look for users/groups on some other
| machine running in same domain. Can some one verify if that's possible.
If
| yes then can you please direct me.
|
| 2. I am trying to create a user interface which will allow user to create
a
| subdirectory on machine running windows 2000 machine. Please note that my
| application would be running on windows XP. Using my UI user will,
specify
| the ipaddress of windows 2000 on which finally subfolder will be created
and
| users from that machines would be given permission on those folders.
| Is above requirement possible using C# in .net.
| --
| Thanks
| SCS
|

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
System.IO.Directory.GetDirectories() and System.IO.Directory.GetFiles() are not returning the specified directory Nathan Sokalski ASP .Net 2 09-06-2007 03:58 PM
Possible? Authentication using Windows/Active directory, but access SQL Server using Membership class Andy ASP .Net 1 04-15-2006 08:48 PM
Active Directory Search fails ("The directory service is unavailab ejcosta ASP .Net Security 2 10-08-2004 09:57 AM
Using Cisco PIX with Active Directory & VPN Steve Baker Cisco 2 02-20-2004 06:31 PM
Active Directory using LDAP query Marty Underwood ASP .Net 0 11-27-2003 02:00 AM



Advertisments