I just joined a company to support a web app that no one knows anything about. Everyone who might have once known is gone.
The app is using a dll (I only have the binary) which is used to get a string list of Active Directory groups that the user belongs to. The code works in production and when I run interactively in the VS2005 IDE, but does not work when I run it locally in IIS.
The code is this. It blows up on line 127:
Line 127:            userGroups = new FW.DirectoryHelper(username).getGroups();
Line 128:            List<string> roles = new List<string>();
Line 129:            List<string> groups = new List<string>();
With this error:
Error getting group information. The specified domain either does not exist or could not be contacted.
This looks like some sort of an issue with the ASPNET account not having access to Active Directory, but why is it working interactively but not under IIS? Is this because when I run interactvely I am running under my own credentials instead of the ASPNET account? Why would it run on other (eg, UAT) IIS servers including Production and not local?
Is there some local IIS开发者_如何学JAVA configuration or fodler security configuration that I need to make to get it to work locally?
The binary is surely used elsewhere within my company; I think it is a shared IT utility that no one will support or trying to find someone who will will prove difficult.
My local IIS was configured with Windows Authentication turned on and Anonymous off. I also tried Windows Auth on and Anonymous...
Your issue is very similar to a question I answered recently, they too were using IIS 5.1.
Is it possible to retrieve data from Active Directory by impersonating a Windows authenticated user in ASP.NET?.
In my answer I provide a couple of possible solutions, what you will probably want to do is use ASP.Net impersonation.
The code is using the windows login credentials for ldap, whichever pc is running the program. Try setting iis to anonymous access and give it an account (a dummy one perhaps) that has ldap reading rights. And in your web.config file, you're going to want to set this anonymous account like so:
<system.web>
<identity userName="DOMAIN\username" password="myPW"/>
</system.web>
Is this IIS6 or 7?
If II6 make sure the application pools Identity is set to that of a domain account.
If IIS7 make sure under Basic Settings it is set to that of a domain account.
Hope this is helpul.
A quick fix is to set the identity of your local IIS to use your login credentials instead of the default system account.
 
         
                                         
                                         
                                         
                                        ![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif) 
                                         
                                         
                                         
                                         加载中,请稍侯......
 加载中,请稍侯......
      
精彩评论