Announcement

Collapse
No announcement yet.

LDAP Call in ASP page no longer works

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • LDAP Call in ASP page no longer works

    Hi all

    I have a Classic ASP page that made an LDAP call to our Domain Controllers to find out the group membership of the logged on user. Since our Network Admin demoted the two old Windows Server 2003 Domain Controllers and promoted two Windows Server 2008 R2 servers the page now fails at
    Code:
     Set CurrentUser = GetObject("LDAP://" & ADSysInfo.UserName)
    (see code) with the error 800704bc.

    Code:
    Dim Strgroups
    
    Const STAFF_GROUP = "cn=staff"
    Const STUDENT_GROUP = "cn=student"
    
    Set ADSysInfo = CreateObject("ADSystemInfo")
    Set CurrentUser = GetObject("LDAP://" & ADSysInfo.UserName)
    
    If IsArray(CurrentUser.MemberOf) Then
            strGroups = LCase(Join(CurrentUser.MemberOf))
    Else
            strGroups = LCase(CurrentUser.MemberOf)
    End If
    Any help is appreciated. Thanks in advance.
    Server 2000 MCP
    Development: ASP, ASP.Net, PHP, VB, VB.Net, MySQL, MSSQL - Check out my blog http://tonyyeb.blogspot.com

    ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

  • #2
    Re: LDAP Call in ASP page no longer works

    There have clearly been changes:
    http://support.microsoft.com/kb/2009267

    What data does the CreateObject return?

    Of course, you could always try applying the fix here: http:// www .repairyourerror .com/fix-0x800704bc that claims to sort your particular error message

    Note for readers who may be tempted to follow that link -- it looks suspiciously like a fake AV app
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    PhD, MSc, FIAP, MIITT
    IT Trainer / Consultant
    Ossian Ltd
    Scotland

    ** Remember to give credit where credit is due and leave reputation points where appropriate **

    Comment


    • #3
      Re: LDAP Call in ASP page no longer works

      Ok, now getting error '800706d9'.

      However if I change this line:

      Code:
      Set CurrentUser = GetObject("LDAP://" & ADSysInfo.UserName)
      to

      Code:
      Set CurrentUser = GetObject("LDAP://CN=Chris Eden-Pratt,OU=myOU,DC=mydomain,DC=local")
      It (eventually) loads and works. I'm wondering if a firewall rule is needed to open a new port perhaps?

      The original page works fine on my PC now (forgot to enable integrated auth ) which is in the same network as the DC's. The server hosting the page is our Exchange 2003 front end server which is in the DMZ.
      Server 2000 MCP
      Development: ASP, ASP.Net, PHP, VB, VB.Net, MySQL, MSSQL - Check out my blog http://tonyyeb.blogspot.com

      ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

      Comment


      • #4
        Re: LDAP Call in ASP page no longer works

        This is a bit odd... fired in an 'any-any' rule in... pages loads as expected, no errors.

        Take out the rule and.... it still works! Huh?!?! Some information needed to be cached by the Exchange server perhaps?
        Server 2000 MCP
        Development: ASP, ASP.Net, PHP, VB, VB.Net, MySQL, MSSQL - Check out my blog http://tonyyeb.blogspot.com

        ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

        Comment


        • #5
          Re: LDAP Call in ASP page no longer works

          After a while it has now stopped working again. What port am I missing that needs to be open for this to work?
          Server 2000 MCP
          Development: ASP, ASP.Net, PHP, VB, VB.Net, MySQL, MSSQL - Check out my blog http://tonyyeb.blogspot.com

          ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

          Comment


          • #6
            Re: LDAP Call in ASP page no longer works

            I needed to open the high ports (1024+) for RPC it seems. Might look at locking RPC to one port.
            Server 2000 MCP
            Development: ASP, ASP.Net, PHP, VB, VB.Net, MySQL, MSSQL - Check out my blog http://tonyyeb.blogspot.com

            ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

            Comment


            • #7
              Re: LDAP Call in ASP page no longer works

              Did you spot this link:
              http://support.microsoft.com/kb/832017
              Tom Jones
              MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
              PhD, MSc, FIAP, MIITT
              IT Trainer / Consultant
              Ossian Ltd
              Scotland

              ** Remember to give credit where credit is due and leave reputation points where appropriate **

              Comment


              • #8
                Re: LDAP Call in ASP page no longer works

                Originally posted by Ossian View Post
                I did buddy and that is where I saw this:

                RPC randomly allocated high TCP ports TCP 1024 - 65535

                Also got this link for nailing down the RPC ports:

                http://support.microsoft.com/kb/154596/
                Server 2000 MCP
                Development: ASP, ASP.Net, PHP, VB, VB.Net, MySQL, MSSQL - Check out my blog http://tonyyeb.blogspot.com

                ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

                Comment

                Working...
                X