Re: Using Protocol Transition and Constrained Delegation to access a domain controler via LDAP
- From: "Olivier Matrot" <olivier.matrot.rte@xxxxxxxxxxxxx>
- Date: Thu, 15 Mar 2007 15:12:47 +0100
Solved. Please see details in the Adsi forum.
"Joe Kaplan" <joseph.e.kaplan@xxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:eyS1LpsZHHA.1296@xxxxxxxxxxxxxxxxxxxxxxx
I tried to answer your other post in the ADSI newsgroup.
Joe K.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services
Programming"
http://www.directoryprogramming.net
--
"Olivier Matrot" <olivier.matrot.rte@xxxxxxxxxxxxx> wrote in message
news:O5FA7ilZHHA.3628@xxxxxxxxxxxxxxxxxxxxxxx
Hello,
I'm trying to apply the techniques found in the following article :
http://msdn2.microsoft.com/en-us/library/ms998355.aspx
However the backend tier is not a SQL Server, but a domain controller
accessed via the System.DirectoryServices Namespace.
My scenarii is the following:
- The web site is running under the network service account (Windows 2003
domain member).
- Forms based authentication is used.
- the web page impersonate the authenticated user by using the
WindowsIndentity constructor.
- Any call to the System.Directory Services namespace fails with the
error : 0x8007203A : 'The server is not operational'.
Please note that the LogonUser technique works fine in the same
environment.
The problem is that I'm not sure that I have correctly selected the
services available in the delegation property page for the computer
account. I have selected the service "ldap" on each domain controler.
Any help appreciated.
.
- References:
- Prev by Date: RE: How to enable IWA over multiple servers
- Next by Date: Re: NT AUTHORITY\Network Service can't write to .NET Directory?
- Previous by thread: Re: Using Protocol Transition and Constrained Delegation to access a domain controler via LDAP
- Next by thread: Impersonation Issue
- Index(es):
Relevant Pages
|
