Delegation to AD using WIA and ASP

Delegation to AD using WIA and ASP

am 09.03.2007 15:30:17 von mike.varley1

Hi

We're struggling with a problem involving ASP code that needs to
retreive the site users AD groups. I have read that WIA will not do
pass through authentication as so the code cannot query directly - we
currently get a 'table does not exist' error. (The AD is running in
2000 native mode by the way.)

Is it possible to get this to work by having the application pool run
using a domain account and if so what steps do we need to take to make
this work? Do we for instance need to enable the account for
delegation on the account tab in AD?

Another method I have heard about involves integrating a login and
password into the LDAP query. Is this possible. Can anyone give and
example of a query with this syntax?

Thanks for you help

Mike

Re: Delegation to AD using WIA and ASP

am 10.03.2007 18:48:14 von Ken Schaefer

Hi,

Steps for configuring delegation of the user's credentials are here:
http://www.adopenstatic.com/cs/blogs/ken/archive/2007/01/27/ 1282.aspx

Cheers
Ken


wrote in message
news:1173450617.537219.272210@30g2000cwc.googlegroups.com...
> Hi
>
> We're struggling with a problem involving ASP code that needs to
> retreive the site users AD groups. I have read that WIA will not do
> pass through authentication as so the code cannot query directly - we
> currently get a 'table does not exist' error. (The AD is running in
> 2000 native mode by the way.)
>
> Is it possible to get this to work by having the application pool run
> using a domain account and if so what steps do we need to take to make
> this work? Do we for instance need to enable the account for
> delegation on the account tab in AD?
>
> Another method I have heard about involves integrating a login and
> password into the LDAP query. Is this possible. Can anyone give and
> example of a query with this syntax?
>
> Thanks for you help
>
> Mike
>

Re: Delegation to AD using WIA and ASP

am 15.03.2007 16:24:45 von mike.varley1

Thanks Ken


On 10 Mar, 17:48, "Ken Schaefer"
wrote:
> Hi,
>
> Steps for configuring delegation of the user's credentials are here:http://www.adopenstatic.com/cs/blogs/ken/archive/2007/0 1/27/1282.aspx
>
> Cheers
> Ken
>
> wrote in message
>
> news:1173450617.537219.272210@30g2000cwc.googlegroups.com...
>
>
>
> > Hi
>
> > We're struggling with a problem involving ASP code that needs to
> > retreive the site users AD groups. I have read that WIA will not do
> > pass through authentication as so the code cannot query directly - we
> > currently get a 'table does not exist' error. (The AD is running in
> > 2000 native mode by the way.)
>
> > Is it possible to get this to work by having the application pool run
> > using a domain account and if so what steps do we need to take to make
> > this work? Do we for instance need to enable the account for
> > delegation on the account tab in AD?
>
> > Another method I have heard about involves integrating a login and
> > password into the LDAP query. Is this possible. Can anyone give and
> > example of a query with this syntax?
>
> > Thanks for you help
>
> > Mike- Hide quoted text -
>
> - Show quoted text -