 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
.NET Forum / ASP.NET / General / October 2007Help with vbscript in asp.net
Set objUser = GetObject("WinNT://WALKER_MORRIS/hup^,user") If objUser.IsAccountLocked = True Then ....... I am using the above code as part of my asp.net web application. I have tested the code and it works fine except when the code executes as part of my webpage i receive the following error:- ActiveX component can't create object 'CreateObject' Any ideas? > Set objUser = GetObject("WinNT://WALKER_MORRIS/hup^,user") > If objUser.IsAccountLocked = True Then ....... [quoted text clipped - 6 lines] > > Any ideas? That's Classic ASP code... To interface with ActiveDirectory in .NET, you need to use the System.DirectoryServices namespace...  SignatureMark Rae ASP.NET MVP http://www.markrae.net Also can you confirm if this code is running on the client via <script> tags? If it is then you're probably running into security issues, you can't just create any old ActiveX object on the client. > Set objUser = GetObject("WinNT://WALKER_MORRIS/hup^,user") > If objUser.IsAccountLocked = True Then ....... [quoted text clipped - 6 lines] > > Any ideas? > Also can you confirm if this code is running on the client via <script> > tags? If it is then you're probably running into security issues, you can't [quoted text clipped - 16 lines] > > - Show quoted text - Yes I am running the code on the client using <script> tags Think this is probably a security issue. Is there any way round this? > Yes I am running the code on the client using <script> tags You didn't say that in your original post... > Think this is probably a security issue. > Is there any way round this? Do your AD work server-side using the System.DirectoryServices namespace, after setting ASP.NET up to impersonate a user with sufficient privileges... SignatureMark Rae ASP.NET MVP http://www.markrae.net > <teeja...@gmail.com> wrote in message > [quoted text clipped - 13 lines] > Mark Rae > ASP.NET MVPhttp://www.markrae.net This works when I run it on my webserver. Not in VS but when i go into my web browser and type the address http://computername/stripnet If i run from any other application i get the a run time error. Do i have to add the directoryservices.dll into my root web folder or something? > Do i have to add the directoryservices.dll into my root web folder or > something? You have to add a reference to it in your project... SignatureMark Rae ASP.NET MVP http://www.markrae.net > <teeja...@gmail.com> wrote in message > [quoted text clipped - 8 lines] > Mark Rae > ASP.NET MVPhttp://www.markrae.net I have added the reference to the project. On 12 Oct, 10:43, "teeja...@gmail.com" <teeja...@gmail.com> wrote: > > <teeja...@gmail.com> wrote in message > [quoted text clipped - 10 lines] > > I have added the reference to the project. i get the following error Server Error in '/StripNET' Application. Runtime Error Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine. if i remove the part using directory services it runs without an error. >> I have added the reference to the project. > > i get the following error > > Server Error in '/StripNET' Application. Then there's either a bug in your code somewhere, or you're not using Windows 2003... Presumably your code looks something like this: http://en.csharp-online.net/User_Management_with_Active_Directory%E2%80%94Determ ining_Account_Lockout How are you actually referencing the User object...? SignatureMark Rae ASP.NET MVP http://www.markrae.net > <teeja...@gmail.com> wrote in message > [quoted text clipped - 16 lines] > Mark Rae > ASP.NET MVPhttp://www.markrae.net No, the code works fine. It works fine on my PC which is running IIS. Even if I am browsing to it out of VS. But if any other user tried to use it on their machine it throws up the error. If i remove this code that checks if the account is locked out then other users don't receive the error. my code is as follows:- imports system.directoryservices ' some code above here which is not causing the problem. Dim objUser As New DirectoryEntry("LDAP://" & strLDAP) Dim objSearcher As DirectorySearcher = New DirectorySearcher(objUser) Dim objResults As SearchResultCollection Dim objResult As SearchResult Const lockoutFlag As Integer = 16 objSearcher.PropertiesToLoad.Add("msds-User-Account-Control- Computed") objResults = objSearcher.FindAll() For Each objResult In objResults Dim status As Integer = DirectCast(objResult.Properties("msds-User-Account-Control-Computed") (0), Integer) If (status And lockoutFlag) = lockoutFlag Then IsAccountLocked = True Session("LDAP") = strLDAP Else IsAccountLocked = False End If Next objUser.Close() objUser.Dispose() thanks for your help by the way. I really appreciate it! >> <teeja...@gmail.com> wrote in message >> [quoted text clipped - 57 lines] > > thanks for your help by the way. I really appreciate it! SignatureMark Rae ASP.NET MVP http://www.markrae.net > No, the code works fine. It works fine on my PC which is running > IIS. Even if I am browsing to it out of VS. But if any other user > tried to use it on their machine it throws up the error. If i remove > this code that checks if the account is locked out then other users > don't receive the error. As I mentioned a couple of replies back, the user under which ASP.NET runs by default doesn't have sufficient privileges to query ActiveDirectory, so you will need to set up impersonation. Pretty much any standard DomainUser account will do unless you need to make changes to AD objects... SignatureMark Rae ASP.NET MVP http://www.markrae.net > <teeja...@gmail.com> wrote in message > [quoted text clipped - 14 lines] > Mark Rae > ASP.NET MVPhttp://www.markrae.net Yes that seemed to be the problem. Although my IIS is set up to use Windows Authentication. I have set my web site up for <identity impersonation=True /> Still didn't work. I have to explicitly add the userName and Password attributed to the identity element tag for it to work. I was under the impression that impersonation should run as the user that the IIS session is running as. If I am using Windows Authentication this should be the user who is viewing the website, true? Well these users definatly have sufficient privilages. > Yes that seemed to be the problem. > Although my IIS is set up to use Windows Authentication. > I have set my web site up for <identity impersonation=True /> > Still didn't work. That's correct. > I have to explicitly add the userName and Password attributed to the > identity element tag for it to work. That's also correct. > I was under the impression that impersonation should run as the user that > the IIS session is running as. If I am using Windows Authentication this > should be the user who is viewing the website, true? That's not correct - the user who is viewing the website has nothing whatsoever to do with the user under which ASP.NET is running... SignatureMark Rae ASP.NET MVP http://www.markrae.net > Also can you confirm if this code is running on the client via <script> > tags? If it is then you're probably running into security issues, you can't [quoted text clipped - 16 lines] > > - Show quoted text - Is ther a way around this? I have decided to do my AD work server side but now I am wanting to add some scripts that will need to be run client side and will need to create activex objects? > Is ther a way around this? I have decided to do my AD work server > side but now I am wanting to add some scripts that will need to be run > client side and will need to create activex objects? You'll need to mark the objects as safe in each user's registry, or (better) develop your own activex control that will do the coding for you. Users will need to accept to download and install the activex control. > > Is ther a way around this? I have decided to do my AD work server > > side but now I am wanting to add some scripts that will need to be run [quoted text clipped - 3 lines] > develop your own activex control that will do the coding for you. Users > will need to accept to download and install the activex control. How do I mark the object as safe in a users registry? http://msdn2.microsoft.com/en-us/library/aa751977.aspx >> > Is ther a way around this? I have decided to do my AD work server >> > side but now I am wanting to add some scripts that will need to be run [quoted text clipped - 6 lines] > > How do I mark the object as safe in a users registry? Free MagazinesGet these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...
|
Reply to this Message
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.