Re: Integrated Windows Authentication with ADSI

From: Jeff Curren (JeffCurren@private.hotmail.com)
Date: 09/15/02 

From: "Jeff Curren" <JeffCurren@private.hotmail.com>
Date: Sun, 15 Sep 2002 10:00:58 -0400

The reason it works when you connect as anonymous or use basic auth might be
because you have granted admin permissions to IUSR_[machinename]?

Regardless, you should probably bind to the active directory using explicit
authentication credentials. That way you don't have to grant what might be
excessive permissions to web users just to get the ADS functions to work.

Jeff

"Jennifer" <jennifer@yahoo.com> wrote in message
news:12ca101c25b51$31078450$3bef2ecf@TKMSFTNGXA10...
> I have a web site that I would like to use Integrated
> Windows Authentication (IWA) to authenticate users.
>
> The users I am trying to authenticate are Active Directory
> users. The web server with IIS on it is a member of the
> domain in which the Active directory users were created.
>
> When I set up IWA, I can get into the web site but when
> the ASP code does ADSI calls that does stuff to the Active
> Directory users it fails. For example, the code:
>
> set objUser = objDomain.Create("user", theUserName)
> objUser.setPassword thePAssword
> ....
> objUser.SetInfo
>
> Fails on "objUser.SetInfo" The error is gives is:
>
> "Active Directory (0x80070005) General access denied error"
>
> However, I don't think there is anything wrong with the
> permissions of the user I'm using because the same user
> works fine if I use Anonymous Access or Basic
> Authentication. The same code does NOT generate an error
> with those access methods.
>
> I would like to use IWA because of security but I can't
> figure out why IWA does not work when the same user works
> with Basic Authentication or Anonymous Access.
>
> Thank you,
> Jennifer
>

Relevant Pages

  • RE: IIS 6.0 & Permissions
    ... then the anonymous access is failing ... and it is probably falling back on Integrated authentication. ... compare the permissions on your server to the default permissions. ... What is the error message displayed in the browser (be sure ...
    (microsoft.public.inetserver.iis)
  • Re: How do I: Configure WebService Permissions
    ... Disable integrated Windows authentication. ... "Russell Mangel" wrote: ... > How can I set permissions, so my webservice will run, without entering my ... I don't want anonymous access enabled. ...
    (microsoft.public.dotnet.framework.webservices)
  • Re: Permission denied: GetObject
    ... rights (or atleast read rights to the active directory). ... > I'm building an ASP app that uses Windows Authentication. ... > permissions and all other users have read/execute ... > 'Other problen so sign in as Guest ...
    (microsoft.public.inetserver.asp.general)
  • Re: Permission denied: GetObject
    ... rights (or atleast read rights to the active directory). ... > I'm building an ASP app that uses Windows Authentication. ... > permissions and all other users have read/execute ... > 'Other problen so sign in as Guest ...
    (microsoft.public.inetserver.iis)
  • RE: Save IE password thorugh group policy
    ... that web site, this remote cookie will pickup the password so that the users ... You can configure IIS to Anonymous access or Digest ... Configure Authentication in IIS ...
    (microsoft.public.windows.group_policy)