active-directory

Active Directory Lookup from C# failing on server but works locally

Very briefly then, this is my situation. At my workplace I have to deal with 2 different domains: x.com (the parent directory) and its subdomain y.x.com. The parent domain (x.com) has all the Active Directory users, computers etc. From my local workstation, which sits in the x.com domain, I can read emails for the Active Directory users just...

Do you need to be running under IIS to query Active Directory with PHP LDAP

Using PHP's LDAP support, I was curious if you need to be running under IIS in order to query the local Active Directory. Would you be able to query it if the server is running Apache instead? Also, could I query an Active Directory setup on another machine than the code is running on, or does it need to be done on that machine? ...

Get all users from AD domain

Hi guys, I have a need to be able to identify all of the users on my AD (Active Directory) domain. I have the domain name and that is about it. It would rock if I could get it as a list of UserPrincipal or something, but if it's just a string then I can get the rest of the info I need from there. Thanks! ...

OpenLDAP data files, what do they look like

From my slapd.conf file, I see where my data is stored. When I look into that data directory I see two kinds of files. One type are .bdb files, which appear to be the data files, as that is the extension defined in the config file. But I also have a bunch of log files, which appear to be binary when I try to read them in vi. I'm not sure ...

Should I remove a cache entry which I didn't put there?

Precondition: There's a web application that leverages ASP.NET security model. There's also an Active Directory (AD) integration component. It provides AD users and roles as if those are application's own users and roles. The relations like "is in role" between AD user and AD role are stored in AD domain, of course, but are cached by the...

How to Export and Import AD Users, Groups and Group Membership?

Hello, I want to copy my Active Directory Users, Groups and Group Memberships from one DC to another using csvde, where the machines are identical except for only the name of the Domain and Machine. Note that each server is a DC and itself is the only member of the domain. The command I am using for export is: csvde -f C:\exportAD.c...

Adding \000 to each char in a password string

Why would one do this? for ($i = 0; $i < $len; $i++) { $unicodepassword .= "{$passwd{$i}}\000"; } Context: This is a password set when creating or modifying a user in Active Directory. We are rewriting some ancient code and nothing works without this. Making changes in our LDAP does not require this kind of "encoding". Also the r...

Active directory - programmatically check supplied credentials

Why does the following code lock the account out after one unsuccessful attempt when the policy in AD is set to three attempts? Is there a better way of checking credentials programmatically against AD? private bool Authenticate(string userName, string password, string domain) { bool authentic = false; try { Dir...

Programmatically querying my company's employee directory

My company is a Microsoft shop (Exchange, AD, etc.). I'd like to do queries on our employee directory like: Person person = directory.Lookup("jsmith"); string title = person.Fields("JobTitle"); Person manager = person.GetManager(); if (person.IsManager()) { Person[] subordinates = person.GetSubordinates(); } Is there any easy way...

Changing Json output ASP.net MVC

Hi, I have an ASP.net MVC application that gets marker coordinates from a database (I use ActiveRecord) and outputs them as JSON to be used in Google Maps. The format however is not quite right. Does anyone know how I can change the output? Currently the output is: [ { "Id": 1, "Name": null, "Location": "13....

Trouble with PHP LDAP code to check memberOf a certain group

I am having trouble with the following code, which should check to see if $user is in the AlumniDBusers or AlumniDBmanagers groups in AD. The entries[0] array always returns blank. Can anyone see what might be wrong? Thanks. // Active Directory server define('LDAP_HOST','dc1.college.school.edu'); // Active Directory DN define('LDAP_DN','OU=...

What's the best sequence to compress binary data, encode it, and convert to string?

I'm trying to store a gzipped binary serialized object into Active Directory's "Extension Attribute", more info here. This field is a Unicode string according to its oM syntax of 64. I'm saving the binary object into AD's Unicode format like this: byte[] bytes = ... // This is my blob System.Text.Encoding.Unicode.GetString(bytes); ...

Storing private "octet string" in Active Directory; what is secure by default?

I am essentially storing a private key (Hash) in any of the OctetString attributes within Active Directory. My question is, what attribute is secure by default and makes sense to keep private data there? This value should be considered similar to a password, where even administrators shouldn't have access (if possible), just like the c...

How to change the user attributes (with the necessary human) in ActiveDirectory from SharePoint 2010?

To retrieve data from ActiveDirectory I used the following code: SPSecurity.RunWithElevatedPrivileges(delegate() ( var currentDirectory = new DirectoryEntry(domainAddress); )); But changing a property's value and attempt to update the values in ActiveDirectory (function CommitChanges()) generates System.UnauthorizedAccess...

How does a legitimate administrator get a user's password in ActiveDirectory?

If a password is stored with reversible encryption in Active Directory, how does an administrator/developer extract and decrypt this password? Specifically, I'm referring to this setting. ...

Is there a profiler for Active Directory queries?

Hi, I have an application which uses Active Directory intensively. I want to know if there is a way to know exactly what queries are sent and how much time they take on the server side. I can always do some sort of very basic profiler by measuring the time elapsed during the queries through Stopwatch, but it doesn't help either to see the q...

Creating a user account in AD with JNDI and minimum password age.

So I want to create a user account in Windows 2003 with Active Directory utilizing JNDI. I am following the following example: http://forums.sun.com/thread.jspa?threadID=582103 (first post). The following code is throwing an LDAP error I believe due to a chicken and egg problem of creating a user and then setting a password that is const...

Tracking changes in the Active Directory using C#

Hi guys, I was just wondering, is there a way to raise events if someone changed something in Active Directory? E.g. disable user account ...

getting started with Single Sign On / Windows Authentication

First off, The Problem: We have a Web App with a Flash front-end that talks to our ASP.NET web service via SOAP which then deals with all of our server side code (C#). Right now, we implement a simple user sign on in our application, storing the info in our MSSQL DB. A client has requested what I understand to be Windows authenticati...

Verify a Windows 7 PC's trust relationship with Active Directory

I've written a C# automation utility that we're using to add Windows 7 workstations. For various reasons, we occasionally get a PC that will "think" it joined the domain, but actually failed. When logging in with a domain account, the W7 will show "The trust relationship between this workstation and the primary domain failed". What I'd...