Reputation: 1
iis console application directoryentry searchresult
Running a Console Application as a CGI in IIS on Windows 2012 R2.
On connection to Active Directory (AD), using DirectoryEntry, ref: lccDEDirectoryEntry = new DirectoryEntry(lccSDomainConnectionString, lccSUserId, lccSUserPassword, lccATAuthTypes);
Then using DirectorySearcher, ref: lccDSSearcher = new DirectorySearcher(lccDEDirectoryEntry);
Then finding all matching objects, ref: lccSRCResults = lccDSSearcher.FindAll();
Then finally accessing the search results, ref: foreach (SearchResult lccSRResultLoop in lccSRCResults)
All works fine, until I try to access the Search Results, it throws an "Illegal Characters In Path".
I can run the same Console Application directly on the server hosting the IIS in a command window and it works fine, including accessing/displaying the SearchResults. Also works fine on Windows 7 workstation/etc.
I hit this same type issue a year ago with a call to HttpUtility, and it ended up being a bug in IIS where it is looking for a configuration setting that is null. Microsoft supplied a fix to use this line: AppDomain.CurrentDomain.SetData("APP_CONFIG_FILE", Environment.CurrentDirectory + "\" + System.AppDomain.CurrentDomain.FriendlyName + ".config");
Per this blog page: http://www.dreamincode.net/forums/topic/300197-webrequest-in-a-cgi
And that solved the null configuration setting a year ago, as when you run HttpUtility, IIS looks for an "APP_CONFIG_FILE" setting that is not set when running as a Console Application and isn't used.
Well, my debugging/etc. has shown that the same issue being hit, i.e. a setting is null and so the function "CheckIllegalCharacters" isn't crashing as it can't parse a null value.
Unfortunately, I cannot locate the setting it is looking for. I even enumerated through all AppSetting keys, ref: https://msdn.microsoft.com/en-us/library/system.appdomain.getdata%28v=vs.110%29.aspx?f=255&MSPPError=-2147217396
And have my code filling each one in with a dummy value, but, no go.
Any clue on how to find the missing setting key name? Or other solution?
Here is the Stack Trace. At the bottom is my function 'lccLDAP', which initiates the rest by calling the SearchResults loop.
STACK TRACE at System.Security.Permissions.FileIOPermission.CheckIllegalCharacters(String[] str, Boolean onlyCheckExtras) at System.Security.Permissions.FileIOPermission.AddPathList(FileIOPermissionAccess access, AccessControlActions control, String[] pathListOrig, Boolean checkForDuplicates, Boolean needFullPath, Boolean copyPathList) at System.Security.Permissions.FileIOPermission..ctor(FileIOPermissionAccess access, String path) at System.Reflection.RuntimeModule.get_FullyQualifiedName() at System.Configuration.ClientConfigPaths.SetNamesAndVersion(String applicationFilename, Assembly exeAssembly, Boolean isHttp) at System.Configuration.ClientConfigPaths..ctor(String exePath, Boolean includeUserConfig) at System.Configuration.ClientConfigPaths.GetPaths(String exePath, Boolean includeUserConfig) at System.Configuration.ClientConfigurationHost.RequireCompleteInit(IInternalConfigRecord record) at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(String configKey, Boolean getLkg, Boolean checkPermission, Boolean getRuntimeObject, Boolean requestIsHere, Object& result, Object& resultRuntimeObject) at System.Configuration.BaseConfigurationRecord.GetSection(String configKey) at System.Configuration.ConfigurationManager.GetSection(String sectionName) at System.Configuration.PrivilegedConfigurationManager.GetSection(String sectionName) at System.DirectoryServices.SearchResultCollection.ResultsEnumerator..ctor(SearchResultCollection results, String parentUserName, String parentPassword, AuthenticationTypes parentAuthenticationType) at System.DirectoryServices.SearchResultCollection.get_InnerList() at System.DirectoryServices.SearchResultCollection.get_Item(Int32 index) at lccCoreFunctionsClass.lccLDAP(lccSettingsClass lccParamSCSettings, Int32 lccLDAPId, Int32 lccIFlag, String lccSParam)
Upvotes: 0
Views: 275
Answers (1)
Reputation: 1
Adding what I finally did. Since my console app runs fine on the IIS server, just not through IIS for Directory.SearchResults, I split the program to run in front-end and back-end modes. The front-end servers IIS web pages, and passes requests to the back-end for LDAP tasks. The back-end then serves responses to the front-end. Good tier-3 security anyway. Just in case others look for a possible solution.
Upvotes: 0
Related Questions
- Directory Searcher Filter is returning no results
- Authentication accessing ActiveDirectory with DirectorySearcher
- LDAP SearchResult does not contain user properties
- DirectorySearcher/LDAP lookup fails from IIS deployment environment, works from console on same machine
- How to get DN for a DirectorySearcher's SearchResult in .NET?
- Asp.net search Active Directory from IIS
- Searching Active Directory from ASP.NET
- Search Active Directory without using LDAP
- how to get the username of a SearchResultEntry
- DirectoryEntry() not authenticated