Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Web Services > Active Directory calls failing in production....

Reply
Thread Tools

Active Directory calls failing in production....

 
 
Ollie
Guest
Posts: n/a
 
      08-15-2004
I know this has been asked before, I have read the answers given and I am
unable to get this work ( I don't know that much about AD configuration)

I have an asp.net web service that is designed to authenticate and maintain
accounts in active directory. It all works fine when the web service is on
the same machine as the domain controller but when the web service is on a
remote machine it fails on any active directory calls.

I have configured the ProcessModel in the machine.config to run under the
'SYSTEM' account and have set the identity element in the web.config of the
web service to be:
<identity impersonate="true", userName="DOMAIN\ollie" password="password">

this account is a domain administrator account so it will have the
prviliedges required. I have NOT disabled anonymous access for the website.
( I tried this but it still fails)

The LDAP string for connection to the directory service is
LDAP://FB2/DC=DOMAIN,DC=COM

The error that it is returning is "The directory property cannot be found in
the cache" with error code 0x8000500D. I guess that it is able to find the
AD but unable to access the information because of a security restricition
as I said it all works perfectly fine when the web service is on the same
machine as the domain controller, or it could be that the information I am
looking for in the AD is not published for remote access.

Does anyone know what bit of configuration information I am missing to get
the damn thiing working......

Cheers in Advance

Ollie



 
Reply With Quote
 
 
 
 
Imran Masud
Guest
Posts: n/a
 
      08-16-2004
Hi Ollie,
The problem that you are having is called Double Hop Problem I think.

1. Make sure the machine on which you deploy the webservice is also on
the same domain.
2. Goto the Users and COmputer MMC and go the COmputer Container and
select that webservice computer and enable the delegate option.
3. If you are hosting the main webapplication on the domain controller
make sure the delegate option is also set for the domain controller
computer.

4. Make sure you restart the computers after setting that option.

5. Whenever u use the delegation in web.config and u are connecting to
AD through DirectoryServices using integrated login then you have to
set the delegate option.



Read this article I hope it should solve the problem.
http://support.microsoft.com/default...b;en-us;329986

Cheers
and best of luck
Imran


"Ollie" <why do they need this!!!!> wrote in message news:<(E-Mail Removed)>...
> I know this has been asked before, I have read the answers given and I am
> unable to get this work ( I don't know that much about AD configuration)
>
> I have an asp.net web service that is designed to authenticate and maintain
> accounts in active directory. It all works fine when the web service is on
> the same machine as the domain controller but when the web service is on a
> remote machine it fails on any active directory calls.
>
> I have configured the ProcessModel in the machine.config to run under the
> 'SYSTEM' account and have set the identity element in the web.config of the
> web service to be:
> <identity impersonate="true", userName="DOMAIN\ollie" password="password">
>
> this account is a domain administrator account so it will have the
> prviliedges required. I have NOT disabled anonymous access for the website.
> ( I tried this but it still fails)
>
> The LDAP string for connection to the directory service is
> LDAP://FB2/DC=DOMAIN,DC=COM
>
> The error that it is returning is "The directory property cannot be found in
> the cache" with error code 0x8000500D. I guess that it is able to find the
> AD but unable to access the information because of a security restricition
> as I said it all works perfectly fine when the web service is on the same
> machine as the domain controller, or it could be that the information I am
> looking for in the AD is not published for remote access.
>
> Does anyone know what bit of configuration information I am missing to get
> the damn thiing working......
>
> Cheers in Advance
>
> Ollie

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
System.IO.Directory.GetDirectories() and System.IO.Directory.GetFiles() are not returning the specified directory Nathan Sokalski ASP .Net 2 09-06-2007 03:58 PM
Ajax calls intermitently failing... Fernand Galiana Ruby 1 11-07-2005 05:35 AM
Active Directory Search fails ("The directory service is unavailab ejcosta ASP .Net Security 2 10-08-2004 09:57 AM
Active Directory calls failing in production.... Ollie ASP .Net Security 1 08-16-2004 01:48 PM
Simple Web Request failing with code 403 after several successful calls Anthony Frayling ASP .Net Web Services 0 03-05-2004 02:59 PM



Advertisments