C# LDAP against LDS - c#

I'm trying to resolve this problem but I cannot get this to work.
The Question
What is wrong with my query?
The Code
private static void ExecuteQuery()
{
    string sDomain = "10.12.14.165:389";
    string sDefaultOU = "CN=GeneralUsers,CN=Company,DC=Server,DC=LDS,DC=LOCAL";
    string sServiceUser = "myUser";
    string sServicePassword = "myPassword";
    DirectoryEntry ldapEntry = new DirectoryEntry("LDAP://" + sDomain + @"/" + sDefaultOU,
                                                  sServiceUser,
                                                  sServicePassword);
    DirectorySearcher ldapSearcher = new DirectorySearcher(ldapEntry);
    //Error Occurs here
    SearchResultCollection ldapResult = ldapSearcher.FindAll();
}
The Error
# SearchResultCollection ldapResult = ldapSearcher.FindAll();
Exception: There is no such object on the server.
Attention
The Object DOES Exist

The problem occurred in the LDS configuration. The user I was authenticating with had no rights to the LDS; the query I was using was working fine.

Related

DirectoryEntry CommitChanges returns Exception has been thrown by the target of an invocation on server 2019

I tried to create password-reset and user-creation functions for Active Directory. On my PC the code below works just fine without any error. But when I publish to the server, I receive the error: Exception has been thrown by the target of an invocation.
ADResult hasil = new ADResult();
DirectoryEntry de = new DirectoryEntry(_path, _adminID, _adminPassword, AuthenticationTypes.Secure);
DirectorySearcher ds = new DirectorySearcher(de);
string query = string.Format("(&(objectCategory=person)(sAMAccountName={0}))", user.userID);
ds.Filter = query;
ds.Sort.PropertyName = "CN";
ds.SearchScope = SearchScope.Subtree;
ds.CacheResults = false;
try
{
    SearchResult sr = ds.FindOne();
    if (sr == null)
    {
        hasil.errorCode = -1;
        hasil.result = "User name not found in this domain.";
    }
    else
    {
        DirectoryEntry userCredentials = sr.GetDirectoryEntry();
        userCredentials.Invoke("SetPassword", new Object[] { user.password });
        userCredentials.CommitChanges();
        userCredentials.Close();
        hasil.errorCode = 0;
        hasil.result = "Password for " + user.userID + " changed successfully.";
    }
}
catch (Exception e)
{
    hasil.errorCode = -1;
    hasil.result = e.Message + "<br/>" + e.StackTrace + "<br/>" + e.Source;
}
return hasil;
Is there some configuration/setting that I missed on the server side?
I changed my code to use UserPrincipal instead of DirectoryEntry and it works perfectly.
I use this code:
PrincipalContext PrincipalContext4 = new PrincipalContext(ContextType.Domain, "full_domain_name.com", "OU=User_OU,DC=domain_name,DC=co,DC=id", _adminID, _adminPassword);
UserPrincipal UserPrincipal1 = new UserPrincipal(PrincipalContext4, user.userID, user.password, true);
//User Logon Name
UserPrincipal1.UserPrincipalName = user.userID;
UserPrincipal1.Name = user.firstName + " " + user.lastName;
UserPrincipal1.GivenName = user.firstName;
UserPrincipal1.Surname = user.lastName;
UserPrincipal1.DisplayName = user.firstName + " " + user.lastName;
UserPrincipal1.Enabled = true;
UserPrincipal1.Save();
I still don't know why using DirectoryEntry does not work on Windows Server 2019.
That's not the exact error message; the real error must be wrapped. You can write loggers or event logging after the lines which you think could be the culprit. You can check the event log on that server to see if you can find a more detailed stack trace. You can check that the user has admin privileges on that server to look up in AD.
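
The wrapping mentioned in the last comment, as an added example that is not part of the original thread: "Exception has been thrown by the target of an invocation" is the message of a TargetInvocationException, and the real cause sits in its InnerException. The sketch below unwraps it, logs the full detail server-side and returns only a short description to the caller instead of the stack trace. The names InvokeErrors, Unwrap, Describe and FailingSetPassword are hypothetical, the failing call is a constructed stand-in that runs without a directory, and the HRESULT table is a small sample.

```csharp
using System;
using System.Reflection;
using System.Runtime.InteropServices;

static class InvokeErrors
{
    // Walk past reflection wrappers to the exception that carries the real cause.
    public static Exception Unwrap(Exception e)
    {
        while (e is TargetInvocationException && e.InnerException != null)
            e = e.InnerException;
        return e;
    }

    // Short, caller-safe text; full details belong in the server log only.
    public static string Describe(Exception e)
    {
        Exception root = Unwrap(e);
        if (root is UnauthorizedAccessException) return "Access denied";
        if (root is COMException com)
        {
            switch ((uint)com.ErrorCode)
            {
                case 0x80070005: return "Access denied (E_ACCESSDENIED)";
                case 0x800708C5: return "Password rejected by password policy";
                default: return "Directory error 0x" + com.ErrorCode.ToString("X8");
            }
        }
        return root.GetType().Name;
    }

    // Constructed stand-in for a COM call that fails inside Invoke().
    public static void FailingSetPassword() =>
        throw new COMException("Access is denied.", unchecked((int)0x80070005));

    static void Main()
    {
        try
        {
            // Reflection wraps the failure exactly like the message in the question.
            typeof(InvokeErrors).GetMethod(nameof(FailingSetPassword)).Invoke(null, null);
        }
        catch (Exception e)
        {
            Console.Error.WriteLine(Unwrap(e)); // full detail, server log only
            Console.WriteLine(e.Message);       // generic wrapper text
            Console.WriteLine(Describe(e));     // what the caller is shown
        }
    }
}
```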

Search in AD from VSTO

I use FW 4.5 and develop an add-in for Word 2016.
In the add-in I need to search in AD; I use the following code:
string ldapPath = "LDAP://OU=Ingegneria,DC=xxx,DC=xxx";
DirectoryEntry searchRoot = GetEntry(ldapPath, adminUser, adminPassword);
DirectorySearcher search = new DirectorySearcher(searchRoot)
{
    SearchScope = SearchScope.Subtree,
    Filter = "(&" +
             "(objectClass=user)" +
             "(givenname=s*)" +
             "(samaccountname=*100)" +
             ")"
};
search.PropertiesToLoad.Add("distinguishedname");
// FindOne() returns a single SearchResult, not a collection
SearchResult result = search.FindOne();
Every query takes about 800 milliseconds.
BUT on the same computer, the same code outside of the add-in (tester):
the first search takes about 800 milliseconds, and after this every search takes about 25 milliseconds.
What is the problem with the add-in? And what can I do?
Does it help if you cache the DirectoryEntry and DirectorySearcher?
Try this:
DirectoryEntry searchRoot;
DirectorySearcher search;
// FindOne() returns a single SearchResult, so that is the return type here
public SearchResult SearchAd(string prop){
    // Define other methods and classes here
    string ldapPath = "LDAP://OU=Ingegneria,DC=xxx,DC=xxx";
    searchRoot = searchRoot ?? GetEntry(ldapPath, adminUser, adminPassword);
    search = search ?? new DirectorySearcher(searchRoot)
    {
        SearchScope = SearchScope.Subtree,
        Filter = "(&" +
                 "(objectClass=user)" +
                 "(givenname=s*)" +
                 "(samaccountname=*100)" +
                 ")"
    };
    search.PropertiesToLoad.Add(prop);
    return search.FindOne();
}

How to use ip-address with username in connection string?

I wrote this method, but it throws System.ArgumentException if "uid" has ' symbols in it.
public void Init(string constr)
{
    var server = "a222068_6.mysql.mchost.ru";
    var database = "'a222068_6'";
    var uid = "'a222068_6'@'10.0.2.13'";
    var pass = "pass";
    constr = "SERVER=" + server + ";DATABASE=" + database + ";UID=" + uid + ";PASSWORD=" + pass + ";SSL Mode=None;";
    cnt = new MySqlConnection(constr); // Exception is thrown here
}
Exception message on attempt to connect without '
Authentication to host 'a222068_6.mysql.mchost.ru' for user 'a222068_6@10.0.2.13' using method 'mysql_native_password' failed with message: Access denied for user 'a222068_6@10.0.2.13'@'localhost' (using password: YES)
Change
var uid = "'a222068_6'@'10.0.2.13'";
to
var uid = @"a222068_6@10.0.2.13";
Use a verbatim string literal:
Verbatim string literals start with @ and are also enclosed in double quotation marks.
And there are several other StackOverflow answers with examples of how to use MySqlConnectionStringBuilder, such as this one:
var connectionStringBuilder = new MySqlConnectionStringBuilder
{
    Server = "<instanceIp>",
    UserID = "<userId>",
    Password = "<password>",
    Database = "<databaseName>",
    CertificateFile = @"<Path_To_The_File>\client.pfx",
    CertificatePassword = "<Password_For_The_Cert>"
};
var conn = new MySqlConnection(connectionStringBuilder.ToString());

How to enable a user to access vpn in active directory

How to enable a user to access VPN in Active Directory using the C# programming language?
string username = "Abc user";
string _path;
string _filterAttribute;
string s;
try
{
    DirectoryEntry myLdapconnection = new DirectoryEntry("domain");
    myLdapconnection.Path = "LDAP://OU=,OU=,DC=,DC=,DC=";
    myLdapconnection.AuthenticationType = AuthenticationTypes.Secure;
    object obj = myLdapconnection.NativeObject;
    DirectorySearcher search = new DirectorySearcher(myLdapconnection);
    search.Filter = "(cn=" + username + ")";
    search.PropertiesToLoad.Add("cn");
    SearchResult result = search.FindOne();
    if (null == result)
    {
        s = "false";
    }
    else
    {
        s = "True";
        // Update the new path to the user in the directory.
        // Only read the result when the search found an entry.
        _path = result.Path;
        _filterAttribute = (string)result.Properties["cn"][0];
    }
}
catch (Exception ex)
{
    s = "Error authenticating user. " + ex.Message;
}
From the above code, what is the function of the following statement?
object obj = myLdapconnection.NativeObject;
Is this the statement to enable VPN?
If I add the user to a group, will he then be able to use the VPN connection?
Since obj is not used in the above code, it has no function and has nothing to do with VPN.
The code seems like it is trying to verify that a user exists, BUT it is weird.

Query the GC with C# and port 3268

I'm trying to query the global catalog and bind to port 3268 with C# in order to get users from the domain AND its children domains, but I get error "domain name format specified is not valid". Here's the sample code I'm using :
PrincipalContext context = new PrincipalContext(ContextType.Domain);
string path = "LDAP://" + context.ConnectedServer + ":3268/rootDSE";
DirectoryEntry searchRoot = new DirectoryEntry(path);
string configNC = searchRoot.Properties["configurationNamingContext"].Value.ToString();
DirectoryEntry configSearchRoot = new DirectoryEntry("LDAP://" + context.ConnectedServer + ":3268/" + configNC);
DirectorySearcher configSearch = new DirectorySearcher(configSearchRoot);
configSearch.Filter = ("(NETBIOSName=*)");
configSearch.PropertiesToLoad.Add("dnsroot");
configSearch.PropertiesToLoad.Add("ncname");
configSearch.PropertiesToLoad.Add("NETBIOSName");
SearchResultCollection forestPartitionList = configSearch.FindAll();
//(...)
