Active Directory Authentication in IIS 6

From: "P Webster" <NOSPAM_REMpdwebster4@xxxxxxxxxxxxx>
Date: Thu, 23 Mar 2006 17:07:26 -0700

We recently moved a web site that validated user credentials in Active
Directory from IIS 5.1 to IIS 6, and the validation code no longer works.
The web.config file is set to Windows authentication because all we do is
verify the user on the login form so we can redirect them to the appropriate
page based on their group.
The code to authenticate is:
Public Function IsAuthenticated(ByVal domain As String, ByVal username As
String, ByVal pwd As String) As Boolean
Dim domainAndUsername As String = domain & "\" & username
Dim entry As DirectoryEntry = New DirectoryEntry(_path,
domainAndUsername, pwd)
Try
'Bind to the native AdsObject to force authentication.
Dim obj As Object = entry.NativeObject
Dim search As DirectorySearcher = New DirectorySearcher(entry)
search.Filter = "(SAMAccountName=" & username & ")"
search.PropertiesToLoad.Add("cn")
Dim result As SearchResult = search.FindOne()
If (result Is Nothing) Then
Return False
End If
'Update the new path to the user in the directory.
_path = result.Path
_filterAttribute = CType(result.Properties("cn")(0), String)
Catch ex As Exception
Throw New Exception("Error authenticating user. " & ex.Message &
"<BR>" & ex.StackTrace.ToString)
End Try
Return True
End Function

In IIS 6, we have tried all possible combinations of directory security.

When we first moved the site to IIS 6, an error was generated by the above
code stating the parameter was incorrect, so we tried adding
AuthenticationTypes.None and AuthenticationTypes.Anonymous as the final
parameter for DirectoryEntry(... The result was a message returned as
"unknown user name or bad password. The user name and password entered were
correct, so I don't understand why that error was generated.

Any ideas would be greatly appreciated.

Paul

.

Follow-Ups:
- Re: Active Directory Authentication in IIS 6
  - From: Joe Kaplan \(MVP - ADSI\)

Prev by Date: 2.0 Login Control Not Redirecting
Next by Date: Re: Forms Authentication and dynamic folders
Previous by thread: 2.0 Login Control Not Redirecting
Next by thread: Re: Active Directory Authentication in IIS 6
Index(es):
- Date
- Thread

Relevant Pages

Active Directory LDAP Authentication Fails in IIS 6
... We recently moved a web site that validated user credentials in Active ... Directory from IIS 5.1 to IIS 6, and the validation code no longer works. ... Dim entry As DirectoryEntry = New DirectoryEntry(_path, ...
(microsoft.public.dotnet.framework.aspnet)
Re: Exchange Virtual Directory 404 Not Found
... XCCC: IIS Lockdown and URLscan Configurations in an Exchange Environmenthttp://support.microsoft.com/?id=309508 ... re-create the Exchange-related virtual directories in Internet Services ... visit the following Microsoft Web site: ... Custom installation option to install only Metabase Explorer 1.6. ...
(microsoft.public.windows.server.sbs)
RE: Remote Webworkplace and OWA 3 times log in
... I rest the IIS - Start RUN - type iisreset ... the IIS Default Web Site application. ... Windows account for anonymous access to the Administrator account I renter ... I understand that users can logon to RWW and OWA ...
(microsoft.public.windows.server.sbs)
[NT] Cumulative Patch for Internet Information Service (28 May 2003)
... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... security patches released for IIS 4.0 since Windows NT 4.0 Service Pack ... An attacker would need the ability to upload a Server-side ... * A denial of service vulnerability that results because IIS 5.0 and 5.1 ...
(Securiteam)
RE: Remote Web Workplace & Outlook
... IIS 6.0 compression corruption causes access violations ... compressed copy of the affected files on the SBS server: ... Troubleshooting OWA when the contents frame displays "Loading" ... Default Web Site and from the Exchange virtual directories. ...
(microsoft.public.windows.server.sbs)