timm_d Posted November 13, 2003

I am trying to use Active Directory to check the groups that the current user is a member of. I was trying to use HttpContext.Current.User.IsInRole(role) and it always returned false. I am a member of the Domain\WebAdmin group, but IsInRole("Domain\WebAdmin") returns false when it checks my account against Active Directory. My server OS is Windows 2000 Server. I used the following function to run through the debugger and see if I was authenticating to Active Directory:

'=========================================================================================
Imports System.Collections
Imports System.Collections.Specialized
Imports System.DirectoryServices

Public Shared Function GetUserGroupMembership(ByVal strUser As String) As StringCollection
    Dim groups As New StringCollection

    '********************************************************************
    ' UsrName and PWD below are the username and password of a user I created with
    ' Administrator privileges in Active Directory
    '********************************************************************
    Dim obEntry As New DirectoryEntry("LDAP://CN=users,DC=DOMAIN,DC=org", "UsrName", "PWD")

    ' Look the account up by its logon name.
    Dim srch As New DirectorySearcher(obEntry, "(sAMAccountName=" + strUser + ")")
    Dim res As SearchResult = srch.FindOne()

    If Not (Nothing Is res) Then
        Dim obUser As New DirectoryEntry(res.Path)
        ' Invoke Groups method.
        Dim obGroups As Object = obUser.Invoke("Groups")
        Dim ob As Object
        For Each ob In CType(obGroups, IEnumerable)
            ' Create object for each group.
            Dim obGpEntry As New DirectoryEntry(ob)
            groups.Add(obGpEntry.Name)
        Next ob
    End If

    Return groups
End Function 'GetUserGroupMembership
'=========================================================================================

When objEntry is created I looked in the debugger and the following error was thrown for some properties of the object, but the program doesn't crash yet: "<error: an exception of type: {System.Runtime.InteropServices.COMException} occurred>".

If I don't specify CN=users in my adsPath then I don't get this error, but I am still unable to use the DirectorySearcher object. When I continue stepping through in the debugger, the program crashes with the following error when the FindOne() method is called: "System.Runtime.InteropServices.COMException: The authentication mechanism is unknown". I can't find any documentation for this error and I am new to using Active Directory, so I would appreciate any suggestions for things I can check. Thanks in advance!
Travis Posted November 14, 2003

Here is a possibility: http://support.microsoft.com/default.aspx?scid=kb;en-us;321562
timm_d (Author) Posted November 14, 2003

Thanks for the reply. I already tried that one though. I removed myself from every group except DOMAIN\WebAdmin and I got the same result.
Rune Posted May 4, 2006

Are you sending your user name and domain separately in the LDAP string? If so, try combining them. That solved a similar problem for me.