We are facing Login problems while Logging to our site. We (the Developement Team) can log in to the site with only one prompt but many users are getting login prompts several times. After pressing ESC for 5-6 times they can login to site. Is there any AD setting that needs to be changed? If so not even the Site Admin (Full Permission...
I need to search for all users containing a certain text string in their name against the Exchange Server Global Address List. This operation will be performed from an ASP.NET application. Note that the GAL is required (not Active Directory) as it contains users across domains. It's also what the customer requested. I've been looking at...
Given a NT style account name (DOMAIN\UserName) is it possible to infer what the LDAP address for that domain is so that user info can be looked up? My scenario: I have an asp.net app running on IIS that accepts both anonymous and domain users. The anonymous users have to sign in but the domain users I check the server headers for the ...
I created a WCF web service to return user and group information from Active Directory. It works fine for most groups and users, but not all. I use directoryEntry.Invoke("groups",null) to return the groups a specified user is member of. This returns MOST groups. The odd thing is that I can find any group and enumerate its members, ev...
I am using Active Directory in a custom MembershipProvider class to authenticate users in an ASP.NET 2.0 intranet application and associate their sid with a profile for the application. When the ActiveDirectoryMembershipProvider is used, the ProviderUserKey object for the MembershipUser is as follows SecurityIdentifier sid = (SecurityI...
I've been looking for ways to connect AD to ACS. Does anyone know if this can be done without Geneva Server? The idea would be to have a way to allow organizations use an Azure deployed application and authenticate/authorize them via the Access Control Service and the organizations AD. Are there other ways to do this without Geneva Se...
I deleted a Public Queue from my local box this morning and then went to recreate the queue. When I go to recreate it I get the message: Error: A queue with the same path name already exists From research it appears that the queue gets replicated in the AD and sometimes it doesn't delete. So now the AD admin has to delete this for me,...
I am using JAAS to authenticate against Microsoft Active Directory and unlike AD its current behavior is case-sensitive. Does anyone have any tips on making JAAS LoginModules case-insensitive? ...
What would be the canonical attribute in an LDAP schema to encode the mother tongue (first language) of a user? Interop with default/existing administration tools for Windows Active Directory would be a big plus. ...
I have a client that calls a web service that then hits AD to get information. Recently i started to have the following behavior. after a long wait or a IISReset, the Client calls the web service, the web service shows the call, starts to DirectoryEntry.RefreshCache();. (Which is inside a try catch that should log any exceptions) Then...
Hi. I have a problem with manager attribute in Sun Directory Server. I set this attribute for a user in the directory, e.g. cn=testmanager,dc=test,dc=com and when I change manager's dn this change is not propagated in manager attributes. For example: I have two users: dn: cn=testmanager,dc=test,dc=com and dn: cn=testperson,dc=tes...
If I set the .NET DirectoryEntry.Path to something like: LDAP://CN=John Smith,OU=Group Name,DC=example,DC=com Everything works great, and I get the DirectoryEntry I need. However, I don't know the user's true Common Name (CN). I only know their username, "John.Smith". So, how can I query the username? I have tried all the followin...
I need to create a new user in Active Directory. I have found several examples like the following: using System; using System.DirectoryServices; namespace test { class Program { static void Main(string[] args) { try { string path = "LDAP://OU=x,DC=y,DC=com"; string username = "johndoe"; ...
I have .net code that will read/write to our local Active Directory domain. The reading part has been tested and works fine, but I wish to test the 'writing' part. My application will be modifying some user profiles in active directory but I don't want to implement this on the live server just in case something breaks. What's the best ap...
I'm working on an active directory managament application. In addition to the typical Create A New User, Enable/Disable an account, reset my password etc. it also managages application permissions for all of the clients web applications. Application management is handled by thousands of AD groups such as which are built from 3 letter c...
In C# I write... DirectoryEntry computer = GetComputer(); computer.Properties["managedBy"].Value = null; computer.CommitChanges(); When I make the call to CommitChanges() it throws a COM exception A constraint violation occurred. (Exception from HRESULT: 0x8007202F) something is wrong with setting the "managedBy" property to null...
Is there a way, in a report, to filter data by AD group? I need to make it so "Group A" can see all data and "Group B" sees less. I can't change anything in the DB and the just the user name is passed to the report. Any ideas? ...
Basically what I'm trying to do is, I have an ASP.Net web application that's using Forms Authentication with some custom code to link it to ActiveDirectory (very similar to how this works). However, whenever I query the domain controller for the users groups it only returns the groups that they're explicitly in and not subgroups (id est...
I have a problem with C# accessing AD objects. The goal of the code is to retrieve a users's groups. We have 2 domains involved - the domain where the application and many users reside, plus a trusted domain that also contains users so the code must be able to get groups from both domains. I am using a DirectorySearcher object and filt...
I've found many posts on how to return the current user's AD information in an InfoPath Form - but I require a list of AD Users. Furthermore, this is to be accomplished in a browser-enabled form accessed within a MOSS website. Is there an AD webservice that can be used to return this info? ...