Unable to acess Active Directory when app is deployed in IIS

Question

Unable to acess Active Directory when app is deployed in IIS

I've an application (ASP.Net v4.0) which is on a win7 system. I'm able to connect to an Active Directory (in a server) in both ways, like debugging from Visual Studio 2013 or like deploying in local IIS. But when I publish the same code in Server's IIS, its not connecting to the Active Directory.

Error:

System.DirectoryServices.DirectoryServicesCOMException (0x8007052E): The user name or password is incorrect.\u000d\u000a\u000d\u000a at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)\u000d\u000a at System.DirectoryServices.DirectoryEntry.Bind()\u000d\u000a at System.DirectoryServices.DirectoryEntry.get_AdsObject()\u000d\u000a at System.DirectoryServices.DirectorySearcher.FindAll(Boolean findMoreThanOne)\u000d\u000a at tap.dom.usr.Authentication.ConnectAcitveDirectory(String groupName, String domainName, String serverName, String adminUserName, String queryUserName, String queryPassword)

Any authentication issues? Im a newbie on this part. Please help me. The below is the code:

DirectoryEntry connectionAD = new DirectoryEntry(_serverProtocol + serverName, domainName + "\\" + queryUserName, queryPassword);
DirectorySearcher search = new DirectorySearcher(connectionAD);
search.PageSize = 1001;
search.Filter = "(&(objectClass=user)(SAMAccountName=" + adminUserName + "))";
SearchResultCollection result = search.FindAll();
if (result.Count > 0)
{
    foreach (SearchResult item in result)
    {
        if (item.Properties["SAMAccountName"].Count > 0
                && Convert.ToString(item.Properties["distinguishedName"][0]).Contains("OU=" + groupName))
            return "Active Directory is all set up! User was authenticated~0";
    }
}

What could be the reasons for the error?

c#

asp.net

iis

asked on Stack Overflow Mar 25, 2015 by

Vamsi • edited Mar 25, 2015 by

J. Steen

1 Answer

Do you have impersonation configured in your web.config file?

<identity impersonate="true" />

This causes ASP.NET to impersonate the account that is configured as the anonymous account from Microsoft Internet Information Services (IIS). As a result of this configuration, all requests to this application run under the security context of the configured account. The user provides credentials to authenticate against the Active Directory, but the account that accesses the Active Directory is the configured account.

You can read more in the Microsoft support article: http://support.microsoft.com/en-us/kb/326340

answered on Stack Overflow Mar 25, 2015 by

Cristina Alboni

User contributions licensed under CC BY-SA 3.0