CODEWITHSUNDEEP
c#asp.netvisual-studio-2010active-directory
Himanshu.MarJAVA
Himanshu.MarJAVA

Reputation: 525

ASP.NET error getting user details from Active Directory

I am trying to build a registration section for a website (internal to my dept). Now to get new users registered, I built a form where user enters his employee id i.e. AD account name and then clicks a button to fetch his details. Which are later saved in database where registration requests are queued. Once those requests are approved by admin then only those users can use the application. Now the problem is that user is not logged in, so is it possible for non logged in user to fetch details from AD server. if it is then how.? Because when I tried the below listed code I am getting bad username or password error using FindOne function.

public string getProperties(string StaffCode, string property)
        {
            try
            {
                string result = "";
                using (var de = new DirectoryEntry(_path))
                using (var ds = new DirectorySearcher(de))
                {
                    ds.Filter = string.Format("(sAMAccountName={0})", StaffCode);
                    ds.PropertiesToLoad.AddRange(new[] {
            "sn",  // last name
            "givenName",  // first name
            "mail",  // email
            "telephoneNumber",  // phone number
            // etc - add other properties you need
            });
                    var res = ds.FindOne();
                    if (res == null)
                    {
                        result = "noUserFound";
                    }
                    else
                    {
                        foreach (string propName in res.Properties.PropertyNames)
                        {
                            ResultPropertyValueCollection valueCollection = res.Properties[propName];
                            foreach (Object propertyValue in valueCollection)
                            {
                                if (propName == property)
                                {
                                    result = propertyValue.ToString();
                                }

                            }
                        }
                    }

                }
                return result;
            }
            catch (Exception ex)
            {
                return "someErrorOccurred";
            }

Please help me in overcoming this issue.

Thanks in advance

Upvotes: 0

Views: 303

Answers (1)

Wiktor Zychla
Wiktor Zychla

Reputation: 48230

My guess is that the identity of the application pool you run this code under doesn't have enough priviledges to query the AD without authentication.

Specifically, start with replacing this constructor

using ( var de = new DirectoryEntry( _path ) )

with the one that takes admin's username/password in an explicit way

using ( var de = new DirectoryEntry( _path, username, password ) )

and make sure the username has enough priviledges to query the catalog.

If this works, you could possibly try to go back to the original version but you'd have to make sure the identity of the asp.net application pool has enough priviledges to query the AD but also, that the asp.net server is a part of the domain (if it is not, authentication without providing username/password in an explicit way will most likely not work).

Upvotes: 1

Related Questions