Re: ADAM authentication

From: Joe Kaplan (MVP - ADSI) (joseph.e.kaplan_at_removethis.accenture.com)
Date: 02/03/04


Date: Mon, 2 Feb 2004 22:54:59 -0600

Since no one else chimed in, I did a little bit more poking around on this.
I haven't done a lot with ADAM yet and have not successfully set a password
on an ADAM user yet (need a hotfix I think), but here are a couple of
things:

With an AD user, you should be able to bind with AuthenticationTypes.Secure
always. Generally you can pass the username in domain\username format, upn
format (user@domain.com), distinguished name, or plain user name (although
that only works with Secure binding).

With ADAM users, I believe you need to use the distinguished name of the
user for the username. I don't think you can use Secure binding, so if you
want to avoid plaintext binds, you need to use SSL.

To get more details, I'd suggest you follow up in the
microsoft.public.windows.server.active_directory newsgroup. Dmitri or Eric
are much deeper in ADAM than I am and should be able to fill in the details.

Joe K.

"Bill Belliveau" <anonymous@discussions.microsoft.com> wrote in message
news:969497A7-A18A-4090-9A54-AD47E4E2152D@microsoft.com...
> I've been kicking around ADAM on a 2003 server for a couple of days and
> after getting the major classes in the schema and making a few objects, now
> I'm ready to programmatically test it. I am able to use the LDP tool locally
> or remotely to logon as a Windows Identity (admin) or as an ADAM user. I
> have written code to get AD objects but can't get any ADAM code working nor
> the examples from the documentation. I'm not sure if this is an ADAM issue
> or if it has more to do with my unfamiliarity with the Directory.
>
> Below is a mess of code I've blindly been stabbing around with. The
> exceptions I get are usually either the famous "operations error" or
> "unwilling to process the request" unless I'm reading the rootdse, so it
> seems to be a security issue. I'm accessing from a Windows 2000 box which
> seems to have security issues with ADAM, however LDP works.
>
> Ideas?
> Bill
>
>
> -- messy code begin--
> DirectoryEntry myEntry = new DirectoryEntry();
> //myEntry.AuthenticationType = AuthenticationTypes.Encryption | AuthenticationTypes.Signing;
> //myEntry.Path = @"LDAP://computer:50000/cn=mary baker,ou=adam users,o=microsoft,c=us";
> //myEntry.Path = @"LDAP://computer:50000/o=microsoft";
> //myEntry.Path = @"LDAP://computer:50000/cn=mary baker,ou=adam users,o=microsoft,c=us";
> myEntry.Path = @"LDAP://computer:50000/rootdse";
> myEntry.Password = "";
> myEntry.Username = @"localcompany\Administrator";
>
>
> try
> {
>     Debug.Write(myEntry.Guid);
>     Object obj = myEntry.NativeObject;
> }
> catch(Exception Ex)
> {
>     Debug.Write(Ex.ToString());
>     Debug.Write(Ex.InnerException);
>     Debug.Write(Ex.Source);
>     Debug.Write(Ex.HelpLink);
>     Debug.Write((System.Runtime.InteropServices.Marshal.GetLastWin32Error()).ToString());
> }
> //try
> //{
> //DirectoryEntry myEntry = new DirectoryEntry("LDAP://computer:50000/o=microsoft");
> //
> //myEntry.AuthenticationType = AuthenticationTypes.Encryption | AuthenticationTypes.Signing;
> //Debug.Write(myEntry.Name + myEntry.Guid);
> //Debug.Write("Logon = true");
> //}
> //catch(Exception Ex)
> //{
> //Debug.Write(Ex.ToString());
> //Debug.Write(Ex.InnerException);
> //Debug.Write(Ex.Source);
> //Debug.Write(Ex.HelpLink);
> //Debug.Write((System.Runtime.InteropServices.Marshal.GetLastWin32Error()).ToString());
> //}
> -------
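
The two binds described in the reply above, as an added C# example that is not part of the original thread and not code from either poster: a Windows account bound with AuthenticationTypes.Secure, and an ADAM user bound by distinguished name over SSL. The host, partition and user names are taken from the quoted code; the SSL port 50001 and the environment variable names are assumptions.

```csharp
using System;
using System.DirectoryServices;
using System.Runtime.InteropServices;

static class AdamBindExample
{
    // DirectoryEntry binds lazily; touching NativeObject forces the bind to happen.
    static bool TryBind(string path, string user, string password, AuthenticationTypes auth)
    {
        // A simple bind with an empty password is an LDAP "unauthenticated" bind
        // (RFC 4513) and can succeed without proving who the caller is: refuse it.
        if (string.IsNullOrEmpty(password))
        {
            Console.Error.WriteLine("Refusing to bind as {0} with an empty password", user);
            return false;
        }
        try
        {
            using (DirectoryEntry entry = new DirectoryEntry(path, user, password, auth))
            {
                object native = entry.NativeObject;
                return native != null;
            }
        }
        catch (COMException ex)
        {
            Console.Error.WriteLine("Bind to {0} failed: 0x{1:X8} {2}", path, ex.ErrorCode, ex.Message);
            return false;
        }
    }

    static int Main()
    {
        // Assumed environment variable names; keeps passwords out of the source.
        string winPw = Environment.GetEnvironmentVariable("WINDOWS_BIND_PASSWORD");
        string adamPw = Environment.GetEnvironmentVariable("ADAM_BIND_PASSWORD");

        // Windows principal: Secure bind, so no cleartext password on the wire.
        bool winOk = TryBind("LDAP://computer:50000/o=microsoft,c=us",
            @"localcompany\Administrator", winPw, AuthenticationTypes.Secure);
        // ADAM principal: distinguished name as the user name, bound over SSL
        // (port 50001 is an assumed SSL port for this instance).
        bool adamOk = TryBind("LDAP://computer:50001/o=microsoft,c=us",
            "cn=mary baker,ou=adam users,o=microsoft,c=us", adamPw,
            AuthenticationTypes.SecureSocketsLayer);
        Console.WriteLine("Windows user bind: {0}, ADAM user bind: {1}", winOk, adamOk);
        return (winOk && adamOk) ? 0 : 1;
    }
}
```

The SSL bind only succeeds if the client trusts the ADAM server's certificate and the host name in the path matches it.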


