Re: Calling NetUserGetInfo from ASP.NET app



I also get Access is Denied if I use System.DirectoryServices using WinNT,
or Operations Error using LDAP.

"Michael D'Angelo" <nospamnmdange@xxxxxxxxxxxxxxx> wrote in message
news:%23Hwzuz2fGHA.4464@xxxxxxxxxxxxxxxxxxxxxxx
I have an ASP.NET 2.0 app with windows authentication and impersonation
enabled. The application pool is running as local system.

I'm trying to call NetUserGetInfo to retrieve the full name of a user
account. The code works when run from a console application. When I
execute it from the ASP.NET page, I can see in the event log on the domain
controller the following failure audit:

Object Open:
Object Server: Security Account Manager
Object Type: SAM_SERVER
Object Name: CN=Server,CN=System,DC=domain,DC=com
Handle ID: -
Operation ID: {0,706132358}
Process ID: 544
Process Name: C:\WINDOWS\system32\lsass.exe
Primary User Name: DC$
Primary Domain: DOMAIN
Primary Logon ID: (0x0,0x3E7)
Client User Name: ANONYMOUS LOGON
Client Domain: NT AUTHORITY
Client Logon ID: (0x0,0x2A16B979)
Accesses: MAX_ALLOWED
Privileges: -
Properties:
---
samServer
Access Mask: 0

So it appears as though delegation is not working... however, I've gone into
the properties on the server, and in the delegation tab, I've added every
service listed on the domain controller, using any authentication
protocol. Despite this it's still failing. Any ideas?



