Todas as Respostas

• sexta-feira, 18 de janeiro de 2008 21:44

   

   
  

  1

   

  I have seen this error on websites that has impersonation set to true in the web.config file with NTLM or Kerberos authentication set. (due to the fact that the users token is a "secondary token" that cannot be used when authenticating against another server)

   

  You could either use Basic Authentication or switch the impersonation setting to false in web.config (which might break the app)

   

  I have a small blogentry about the error when seen in sharepoint, but I guess that you're not going to change the code..

  http://sharepoint-tweaking.blogspot.com/2007/12/impersonation-in-aspnet-causes.html

   
• terça-feira, 22 de janeiro de 2008 18:11

   

   
  

  0

   

  I found one of the error codes 0x80072020 may point to a problem contacting/communicating with the AD. Anything out of the ordinary in the Event logs or the SFT logs?

   

   

   
• terça-feira, 19 de agosto de 2008 15:12

   

   
  

  0

   

  Switching to Basic Authentication did the Trick but it is not a very good solution. As automatic login will not work anymore.

  I'm generating a Self Service Application where users can Alter some of their AD Properties.

   

  So this is really very annoying.

   

  BR
  Daniel

   
• terça-feira, 7 de outubro de 2008 19:32

   

   
  

  0
  Hi Daniel,
  
  I'm having the exact same problem.  Did you find a solution that did not require Basic Authentication?
  
  Thanks for any help!
  Tim
  
   
• sexta-feira, 14 de novembro de 2008 15:31

   

   
  

  1

  PerG wrote:

  I have seen this error on websites that has impersonation set to true in the web.config file with NTLM or Kerberos authentication set. (due to the fact that the users token is a "secondary token" that cannot be used when authenticating against another server)   You could either use Basic Authentication or switch the impersonation setting to false in web.config (which might break the app)   I have a small blogentry about the error when seen in sharepoint, but I guess that you're not going to change the code.. http://sharepoint-tweaking.blogspot.com/2007/12/impersonation-in-aspnet-causes.html

   

  I was using Windows Authentication for hosting my intranet site. In my web.config file is was   

  <authentication mode="Windows"/>
    <identity impersonate="true"/>

   

  But still it was not working and error was showing on  dirSearch.FindOne(); since I was using Directory search in Active Directory for user authentication.  Your code below works properly to send user credential in SQL Server and now I am able to use User_Name keyword in sql server. It gets the user name what we authenticate from domain users.

  using System.Web.Hosting;
  ...
  ...

  // Code here runs as the logged on user
  
  using (HostingEnvironment.Impersonate()) {
  // This code runs as the application pool user
       DirectorySearcher searcher ...
  }
  

  Thank you very much!.

  • Sugerido como Resposta Syed Azharuddin quinta-feira, 8 de janeiro de 2009 12:32
  • Não Sugerido como Resposta Aaron.ParkerMVP, Moderator terça-feira, 11 de dezembro de 2012 11:45
  •  
   
• quinta-feira, 8 de janeiro de 2009 12:31

   

   
  

  0

  Thanks a million yar, you saved me, I was really worried about the issue..
  
  using(HostingEnvironment.Impersonate())
  {
  
      code ..... blah blah blah...
  
  }
  
  solved my problem...

   
• segunda-feira, 8 de junho de 2009 18:34

   

   
  

  0
  You're a genius! Thanks so much!
   
• sexta-feira, 11 de dezembro de 2009 10:24

   

   
  

  0
  Thanks man, you saved my whole day or might me more :)
  
  
  It was bang on the target.
   
• quinta-feira, 7 de janeiro de 2010 06:15

   

   
  

  0
  Hi vijander,
  
  i have same problem in the with my vb.net code.
  here is my code..
  
  

  Protected

   

  Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load

  
  

  Dim

   

  m_LoginName As String = Environment.UserName.ToString
  Dim dirEntry As System.DirectoryServices.DirectoryEntry
  Dim dirSearcher As System.DirectoryServices.DirectorySearcher
  dirEntry = New System.DirectoryServices.DirectoryEntry(LDAP://abc.com)
  dirSearcher = New System.DirectoryServices.DirectorySearcher(dirEntry)
  dirSearcher.Filter = "(samAccountName=" & m_LoginName & ")"
  Dim sr As SearchResult = dirSearcher.FindOne()
  Dim de As System.DirectoryServices.DirectoryEntry = sr.GetDirectoryEntry()
  Dim sUserName As String = de.Properties("GivenName").Value.ToString()
  Dim sLName As String = de.Properties("Sn").Value.ToString() 
  Lgname1.Text = "Welcome : " & sUserName & " " & sLName
  
  

   

  End Sub

   

   

  
  
  lines in my web.config file are..
  <authentication mode="Windows"/>
    <identity impersonate="true"/>
  
  Could you please hlep me how do i overcome the issues.. using... (HostingEnvironment.Impersonate())
  
  do i need to add this in my code page.. please help me here ...
  
  -Ravi.
  
  
  
  

   
• quinta-feira, 7 de janeiro de 2010 08:12

   

   
  

  5
  Add the code you've written in the
  using(HostingEnvironment.Impersonate()) block like:
  
  
  
  

  using(HostingEnvironment.Impersonate())
  {
  
  m_LoginName As String = Environment.UserName.ToString
  Dim dirEntry As System.DirectoryServices.DirectoryEntry
  Dim dirSearcher As System.DirectoryServices.DirectorySearcher
  dirEntry = New System.DirectoryServices.DirectoryEntry(LDAP://abc.com)
  dirSearcher = New System.DirectoryServices.DirectorySearcher(dirEntry)
  dirSearcher.Filter = "(samAccountName=" & m_LoginName & ")"
  Dim sr As SearchResult = dirSearcher.FindOne()
  Dim de As System.DirectoryServices.DirectoryEntry = sr.GetDirectoryEntry()
  Dim sUserName As String = de.Properties("GivenName").Value.ToString()
  Dim sLName As String = de.Properties("Sn").Value.ToString() 
  Lgname1.Text = "Welcome : " & sUserName & " " & sLName
  }
  
  Hope it works!!
  
  

  • Marcado como Resposta Aaron.ParkerMVP, Moderator quinta-feira, 21 de abril de 2011 09:18
  •  
   
• domingo, 7 de fevereiro de 2010 13:59

   

   
  

  0
  My friend, it works very well!! Thank you so much!
  
   
• segunda-feira, 15 de março de 2010 21:06

   

   
  

  1
  I was having same problem, spent a day with frustration and then found this forum. It did the trick
  
  THANKS A BUNCH !!!
  

  ---

  SharePoint Developer
   
• sábado, 23 de outubro de 2010 05:53

   

   
  

  1

  I went through above post and implemented it on my code but on debug mode it is working fine but when i deployed it on local iis is not working

  public void DisplayUser(IIdentity id)
      {
  
          WindowsIdentity winId = id as WindowsIdentity;
          if (id == null)
          {
              Console.WriteLine("Identity is not a windows identity");
              return;
          }
        
              string userInQuestion = winId.Name.Split('\\')[1];
              string myDomain = winId.Name.Split('\\')[0];
              DirectoryEntry entry = new DirectoryEntry("LDAP://" + myDomain);
              DirectorySearcher adSearcher = new DirectorySearcher(entry);
  
              adSearcher.SearchScope = SearchScope.Subtree;
              adSearcher.Filter = "(samAccountName=" + userInQuestion + ")";
              //adSearcher.Filter = "(&(objectClass=user)(samaccountname=" + userInQuestion + "))";
              SearchResult userObject;
              using (HostingEnvironment.Impersonate())
              {
                  userObject = adSearcher.FindOne();
              }
              StringBuilder data = new StringBuilder();
              System.Collections.ArrayList list = new System.Collections.ArrayList();          
         
              if (userObject != null)
              {          
                  lblLoginName.Text = id.Name;
                  lblFullName.Text = userObject.Properties["displayname"][0].ToString();
                  lblEmailID.Text = userObject.Properties["mail"][0].ToString();
                  lblMobileNo.Text = userObject.Properties["mobile"][0].ToString();
                  lblTitle.Text = userObject.Properties["title"][0].ToString();
              }       
      }

   

  error is

   

  ---

  Logon failure: unknown user name or bad password.
  

  Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
  
  Exception Details: System.DirectoryServices.DirectoryServicesCOMException: Logon failure: unknown user name or bad password.
  
  
  Source Error:
  
  

  Line 43: using (HostingEnvironment.Impersonate()) Line 44: { Line 45: userObject = adSearcher.FindOne(); Line 46: } Line 47: StringBuilder data = new StringBuilder();

  
  Source File: d:\RC System\Authentication\Login.aspx.cs    Line: 45
  
  Stack Trace:
  
  

  [DirectoryServicesCOMException (0x8007052e): Logon failure: unknown user name or bad password. ] System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail) +420085 System.DirectoryServices.DirectoryEntry.Bind() +36 System.DirectoryServices.DirectoryEntry.get_AdsObject() +31 System.DirectoryServices.DirectorySearcher.FindAll(Boolean findMoreThanOne) +78 System.DirectoryServices.DirectorySearcher.FindOne() +45 Login.DisplayUser(IIdentity id) in d:\RC System\Authentication\Login.aspx.cs:45 Login.Page_Load(Object sender, EventArgs e) in d:\RC System\Authentication\Login.aspx.cs:21 System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +14 System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender, EventArgs e) +35 System.Web.UI.Control.OnLoad(EventArgs e) +91 System.Web.UI.Control.LoadRecursive() +74 System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +2207

   
• terça-feira, 8 de março de 2011 22:24

   

   
  

  0

  Thanks man.. It worked for me!!

   

   
• sexta-feira, 1 de abril de 2011 15:16

   

   
  

  0

   

  HostingEnvironment.Impersonate works like a charm.  Thank you!!!!

   
• terça-feira, 12 de abril de 2011 13:38

   

   
  

  0
  That totally solved my problem.  Thank You!
   
• quarta-feira, 22 de junho de 2011 16:10

   

   
  

  0
  Awesome advice.  Worked perfectly for me.  Thank you!!!
   
• domingo, 10 de julho de 2011 11:41

   

   
  

  0
  Thank you for the psoting this reply saved me.. Thanks and Regards, Anil Kumar.S.R
   
• segunda-feira, 12 de setembro de 2011 13:05

   

   
  

  0

  Sometimes things are so simple, thanks for the solution.

   
• sexta-feira, 13 de janeiro de 2012 18:41

   

   
  

  0
  Excelnte, Gracias me salvaste la vida. Saludos desde Mty, Mexico.
  
   
• quarta-feira, 1 de agosto de 2012 13:02

   

   
  

  0

  Thanks a lot Vijander, u r truly a life saver. My project is just about to go in prod. And my DirectorySearcher worked like a charm on local machine. But as soon as it went on IIS, it gave an exception 'An operations error occured.'  Then I just included the using(HostingEnvironment.Impersonate()) and it got solved.

  Thanks a ton.............

  
  

  • Editado _neo quarta-feira, 1 de agosto de 2012 13:03
  •  
   
• terça-feira, 7 de agosto de 2012 22:46

   

   
  

  0

  I used to face the same problem everyone is facing when I upload my code to the IIS server machine, but the code would run fine if I compile and run the project from my local machine where I am logged in as a user that is part from the domain where I am looking for other users.

  I tried this trick and it worked great. The only difference is that the code works much slower. Is that normal? Is there a way to have this process faster since I am planning to implement the same code in each page on my website. If there's another way to do what I am trying to achieve with my code that does not require the "HostinEnvironment.Impersonate()" workaround so it could run faster I am willing to pursue it.

  I am trying to get the Windows logged in user's given name or display name. Here is my code:

  using (HostingEnvironment.Impersonate())
  {
  	PrincipalContext pc = new PrincipalContext(ContextType.Domain);
  	UserPrincipal up = UserPrincipal.FindByIdentity(pc, Context.User.Identity.Name);
  	string Owner = up.DisplayName;
  }

  
  

  Many thanks,

  Amy

  • Editado Amy0907 terça-feira, 7 de agosto de 2012 22:47
  •  
   
• quarta-feira, 5 de dezembro de 2012 02:05

   

   
  

  0

  I used to face the same problem everyone is facing when I upload my code to the IIS server machine, but the code would run fine if I compile and run the project from my local machine where I am logged in as a user that is part from the domain where I am looking for other users.

  I tried this trick and it worked great. The only difference is that the code works much slower. Is that normal? Is there a way to have this process faster since I am planning to implement the same code in each page on my website. If there's another way to do what I am trying to achieve with my code that does not require the "HostinEnvironment.Impersonate()" workaround so it could run faster I am willing to pursue it.

  I am trying to get the Windows logged in user's given name or display name. Here is my code:

  using (HostingEnvironment.Impersonate())
  {
  	PrincipalContext pc = new PrincipalContext(ContextType.Domain);
  	UserPrincipal up = UserPrincipal.FindByIdentity(pc, Context.User.Identity.Name);
  	string Owner = up.DisplayName;
  }

  
  

  Many thanks,

  Amy

  Hi Amy,

  What you can do, say, if this was an intranet, when the end-user first logs in, use a line as such and you never have to call that code again.

  // C#
  // Set it
   Session["variableCurrentDisplayName"] = up.DisplayName;
  // Get it
  var userName = Session["variableCurrentDisplayName"].ToString();
  

  
  

  Its a session variable that will disappear when the user closes their browser, logs off, or the session times-out.

  Session is per user and Application is per web application. Though, sometimes the web application pool/thread will recycle.

  Also, I had the same error everyone here is talking about. The solution was to reboot my domain controller then my web server. Sometimes you get the COM error message and sometimes you get the "Operation error occurred" I can tell because my code that accesses the Active Directory to get the username/display stops working when it was working for months. Though I will try the solution here in a test project.

  My situation was with an intranet web application that did not use impersonation, but did use ActiveDirectyMembershipProvider with Forms Authentication, Azman.msc with XML better known as Authorization Manager, created custom groups in AzMan then assigned users from Active Directory into these groups. Save/place the XML file in your "App_Data" folder on your web application.

  
  

  ---

  "I am not discouraged, because every wrong attempt discarded is another step forward." Thomas Edison

  
  

  • Editado SammyNewOrleans-MSDN quarta-feira, 5 de dezembro de 2012 02:10 code change
  •