asp.net Application identifies user on localhost but not on server without hard coding username / password

2

I'm setting up a new asp.net site on IIS8 (windows server 2012). I'm trying to take older code that works on windows server 2008, IIS6. Both are virtual servers.

Windows authentication is enabled.

Anonymous Authentication is disabled. (I tried enabling it per some post I read, but no change.)

Getting the user by:

// Code from the question, with the usings it needs and wrapped in the
// method named in the stack trace so it compiles as posted.
using System.DirectoryServices;
using System.Web;

public static SearchResult LookUpDirectory()
{
    // Authenticated Windows user, e.g. "DOMAIN\jsmith"
    string user = HttpContext.Current.User.Identity.Name;

    // Strip the "DOMAIN\" prefix so only the sAMAccountName remains
    int separatorIndex = user.LastIndexOf(@"\");
    if (separatorIndex != -1 && separatorIndex < user.Length - 1)
    {
        user = user.Substring(separatorIndex + 1);
    }

    // No credentials supplied: the bind runs under the calling thread's security context
    DirectoryEntry rootEntry = new DirectoryEntry("LDAP://na.xxxxxx.biz");

    DirectorySearcher directorySearcher = new DirectorySearcher(rootEntry);
    directorySearcher.Filter = string.Format("(&(objectClass=user)(objectCategory=user) (sAMAccountName={0}))", user);
    directorySearcher.PropertiesToLoad.Add("displayName");

    var result = directorySearcher.FindOne(); // line 45 in the stack trace below
    return result;
}

This works great on localhost, returns an error on the server:

System.DirectoryServices.DirectoryServicesCOMException (0x80072020): An operations error occurred. at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail) at System.DirectoryServices.DirectoryEntry.Bind() at System.DirectoryServices.DirectoryEntry.get_AdsObject() at System.DirectoryServices.DirectorySearcher.FindAll(Boolean findMoreThanOne) at System.DirectoryServices.DirectorySearcher.FindOne() at EngApps.App_Code.UserFullName.LookUpDirectory() in e:\inetpub\wwwroot\App_Code\UserFullName.cs:line 45

Line 45 is the last line I posted above, the one calling 'FindOne()'.

If I hard code my user name and password everything works on the server:

rootEntry.Username = user;
rootEntry.Password = "xxxxxx";

But I don't need this in the older code base, so I'm guessing there is a setting in IIS8. I played around with anonymous authentication a bit and read several posts but haven't been able to figure it out yet.

Thanks for your help.

c#
asp.net-mvc
iis-8
windows-server-2012
asked on Stack Overflow Jul 2, 2013 by Automate This • edited Jul 3, 2013 by tereško

1 Answer

3

The issue is likely that the identity of the IIS Application Pool your application is running in is something that does not have the authority to query the domain, such as LocalService.

You should check the App Pool on the previous instance and ensure that the identities are the same or at least have similar access capabilities.

answered on Stack Overflow Jul 2, 2013 by competent_tech
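The following is an added diagnostic example written for this thread; it is not code from the question or the answer. It assumes .NET Framework on a domain-joined IIS host, the `System.DirectoryServices` and `System.Security.Principal` namespaces, and a reachable domain controller; the `LDAP://na.xxxxxx.biz` path is the placeholder from the question. It shows the point the answer makes: a `DirectoryEntry` created without credentials binds under the calling thread's Windows security context, which on the server is the application pool account (unless ASP.NET impersonation is enabled), so the lookup fails when that account has no domain identity on the network. `DescribeBindIdentity` reports which account the bind will use and whether it can reach the domain, and `LookUpDisplayName` performs the same query as the question without a password in source, escaping the filter value so an account name cannot alter the LDAP filter.

```csharp
using System;
using System.DirectoryServices;
using System.Security.Principal;
using System.Text;

namespace AppPoolIdentityDiagnostics
{
    public static class LdapProbe
    {
        // Same "DOMAIN\user" -> "user" trimming as the question's code.
        public static string StripDomain(string accountName)
        {
            int sep = accountName.LastIndexOf('\\');
            return (sep != -1 && sep < accountName.Length - 1)
                ? accountName.Substring(sep + 1)
                : accountName;
        }

        // Escapes a value for use inside an LDAP search filter (RFC 4515),
        // so a crafted account name cannot change the filter's meaning.
        public static string EscapeFilterValue(string value)
        {
            var sb = new StringBuilder(value.Length);
            foreach (char c in value)
            {
                switch (c)
                {
                    case '\\': sb.Append(@"\5c"); break;
                    case '*':  sb.Append(@"\2a"); break;
                    case '(':  sb.Append(@"\28"); break;
                    case ')':  sb.Append(@"\29"); break;
                    case '\0': sb.Append(@"\00"); break;
                    default:   sb.Append(c);      break;
                }
            }
            return sb.ToString();
        }

        // Describes the Windows identity a credential-less DirectoryEntry bind
        // will run as: the impersonated web user if ASP.NET impersonation is on,
        // otherwise the worker-process (application pool) account.
        public static string DescribeBindIdentity()
        {
            using (WindowsIdentity impersonated = WindowsIdentity.GetCurrent(true)) // null when not impersonating
            using (WindowsIdentity effective = WindowsIdentity.GetCurrent())
            {
                string mode = impersonated != null ? "impersonating" : "process identity";
                SecurityIdentifier sid = effective.User;
                string note;
                if (sid.IsWellKnown(WellKnownSidType.LocalServiceSid))
                    note = "LocalService presents no credentials on the network; domain queries fail";
                else if (sid.IsWellKnown(WellKnownSidType.NetworkServiceSid) ||
                         sid.IsWellKnown(WellKnownSidType.LocalSystemSid) ||
                         sid.Value.StartsWith("S-1-5-82-", StringComparison.Ordinal)) // IIS AppPool virtual accounts
                    note = "reaches the network as the computer account (DOMAIN\\HOST$), which can read AD";
                else
                    note = "explicit account; confirm it is a domain account with read access";
                return string.Format("{0} ({1}): {2}", effective.Name, mode, note);
            }
        }

        // Looks up displayName for the authenticated user's sAMAccountName using the
        // current Windows security context, so no password lives in code.
        // Returns null and fills 'diagnostic' when the bind or the search fails.
        public static string LookUpDisplayName(string ldapPath, string identityName, out string diagnostic)
        {
            string sam = EscapeFilterValue(StripDomain(identityName));
            diagnostic = null;
            try
            {
                using (var root = new DirectoryEntry(ldapPath))
                using (var searcher = new DirectorySearcher(root))
                {
                    searcher.Filter = string.Format(
                        "(&(objectClass=user)(objectCategory=person)(sAMAccountName={0}))", sam);
                    searcher.PropertiesToLoad.Add("displayName");
                    SearchResult result = searcher.FindOne();
                    if (result == null)
                    {
                        diagnostic = "no such account: " + sam;
                        return null;
                    }
                    return result.Properties["displayName"].Count > 0
                        ? (string)result.Properties["displayName"][0]
                        : null;
                }
            }
            catch (DirectoryServicesCOMException ex)
            {
                // 0x80072020 in the question is reported here together with the identity that bound.
                diagnostic = string.Format("bind failed (0x{0:X8}) as {1}", ex.ErrorCode, DescribeBindIdentity());
                return null;
            }
        }
    }
}
```

Call `LdapProbe.LookUpDisplayName("LDAP://na.xxxxxx.biz", HttpContext.Current.User.Identity.Name, out diagnostic)` from the page and log `diagnostic` on the server. If it reports LocalService, the fix is on the pool, not in code: run the application pool as ApplicationPoolIdentity or NetworkService (both use the computer account on the network) or as a dedicated domain service account, which also keeps a password out of source control.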

User contributions licensed under CC BY-SA 3.0