Search Results

Search found 28288 results on 1132 pages for 'home directory'.

Page 166/1132 | < Previous Page | 162 163 164 165 166 167 168 169 170 171 172 173  | Next Page >

  • AD - Using UserPrincipal.FindByIdentity and PrincipalContext with nested OU - C#

    - by Solid Snake
    Here is what I am trying to achieve: I have a nested OU structure that is about 5 levels deep. OU=Portal,OU=Dev,OU=Apps,OU=Grps,OU=Admin,DC=test,DC=com I am trying to find out if the user has permissions/exists at OU=Portal. Here's a snippet of what I currently have: PrincipalContext domain = new PrincipalContext( ContextType.Domain, "test.com", "OU=Portal,OU=Dev,OU=Apps,OU=Grps,OU=Admin,DC=test,DC=com"); UserPrincipal user = UserPrincipal.FindByIdentity(domain, myusername); PrincipalSearchResult<Principal> group = user.GetAuthorizationGroups(); For some unknown reason, the value user generated from the above code is always null. However, if I were to drop all the OU as follows: PrincipalContext domain = new PrincipalContext( ContextType.Domain, "test.com", "DC=test,DC=com"); UserPrincipal user = UserPrincipal.FindByIdentity(domain, myusername); PrincipalSearchResult<Principal> group = user.GetAuthorizationGroups(); this would work just fine and return me the correct user. I am simply trying to reduce the number of results as opposed to getting everything from AD. Is there anything that I am doing wrong? I've googled for hours and tested various combinations without much luck. Any help is appreciated. Thanks. Dan

    Read the article

  • How to get foreignSecurityPrincipal from group. using DirectorySearcher

    - by kain64b
    What I tested with 0 results: string queryForeignSecurityPrincipal = "(&(objectClass=foreignSecurityPrincipal)(memberof:1.2.840.113556.1.4.1941:={0})(uSNChanged>={1})(uSNChanged<={2}))"; sidsForeign = GetUsersSidsByQuery(groupName, string.Format(queryForeignSecurityPrincipal, groupPrincipal.DistinguishedName, 0, 0)); public IList<SecurityIdentifier> GetUsersSidsByQuery(string groupName, string query) { List<SecurityIdentifier> results = new List<SecurityIdentifier>(); try{ using (var context = new PrincipalContext(ContextType.Domain, DomainName, User, Password)) { using (var groupPrincipal = GroupPrincipal.FindByIdentity(context, IdentityType.SamAccountName, groupName)) { DirectoryEntry directoryEntry = (DirectoryEntry)groupPrincipal.GetUnderlyingObject(); do { directoryEntry = directoryEntry.Parent; } while (directoryEntry.SchemaClassName != "domainDNS"); DirectorySearcher searcher = new DirectorySearcher(directoryEntry){ SearchScope=System.DirectoryServices.SearchScope.Subtree, Filter=query, PageSize=10000, SizeLimit = 15000 }; searcher.PropertiesToLoad.Add("objectSid"); searcher.PropertiesToLoad.Add("distinguishedname"); using (SearchResultCollection result = searcher.FindAll()) { foreach (var obj in result) { if (obj != null) { var valueProp = ((SearchResult)obj).Properties["objectSid"]; foreach (var atributeValue in valueProp) { SecurityIdentifier value = (new SecurityIdentifier((byte[])atributeValue, 0)); results.Add(value); } } } } } } } catch (Exception e) { WriteSystemError(e); } return results; } I tested it on usual users with query: "(&(objectClass=user)(memberof:1.2.840.113556.1.4.1941:={0})(uSNChanged>={1})(uSNChanged<={2}))" and it is work, I test with objectClass=* ... nothing help... But If I call groupPrincipal.GetMembers,I get all foreing user account from group. BUT groupPrincipal.GetMembers HAS MEMORY LEAK. Any Idea how to fix my query????

    Read the article

  • Invalid or expired security context token in WCF web service

    - by Damian
    All, I have a WCF web service (let's called service "B") hosted under IIS using a service account (VM, Windows 2003 SP2). The service exposes an endpoint that use WSHttpBinding with the default values except for maxReceivedMessageSize, maxBufferPoolSize, maxBufferSize and some of the time outs that have been increased. The web service has been load tested using Visual Studio Load Test framework with around 800 concurrent users and successfully passed all tests with no exceptions being thrown. The proxy in the unit test has been created from configuration. There is a sharepoint application that use the Office Sharepoint Server Search service to call web services "A" and "B". The application will get data from service "A" to create a request that will be sent to service "B". The response coming from service "B" is indexed for search. The proxy is created programmatically using the ChannelFactory. When service "A" takes less than 10 minutes, the calls to service "B" are successfull. But when service "A" takes more time (~20 minutes) the calls to service "B" throw the following exception: Exception Message: An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail Inner Exception Message: The message could not be processed. This is most likely because the action 'namespace/OperationName' is incorrect or because the message contains an invalid or expired security context token or because there is a mismatch between bindings. The security context token would be invalid if the service aborted the channel due to inactivity. To prevent the service from aborting idle sessions prematurely increase the Receive timeout on the service endpoint's binding. The binding settings are the same, the time in both client server and web service server are synchronize with the Windows Time service, same time zone. When i look at the server where web service "B" is hosted i can see the following security errors being logged: Source: Security Category: Logon/Logoff Event ID: 537 User NT AUTHORITY\SYSTEM Logon Failure: Reason: An error occurred during logon Logon Type: 3 Logon Process: Kerberos Authentication Package: Kerberos Status code: 0xC000006D Substatus code: 0xC0000133 After reading some of the blogs online, the Status code means STATUS_LOGON_FAILURE and the substatus code means STATUS_TIME_DIFFERENCE_AT_DC. but i already checked both server and client clocks and they are syncronized. I also noticed that the security token seems to be cached somewhere in the client server because they have another process that calls the web service "B" using the same service account and successfully gets data the first time is called. Then they start the proccess to update the office sharepoint server search service indexes and it fails. Then if they called the first proccess again it will fail too. Has anyone experienced this type of problems or have any ideas? Regards, --Damian

    Read the article

  • How to remove illegal characters from path and filenames?

    - by Gary Willoughby
    I need a robust and simple way to remove illegal path and file characters from a simple string. I've used the below code but it doesn't seem to do anything, what am i missing? using System; using System.IO; namespace ConsoleApplication1 { class Program { static void Main(string[] args) { string illegal = "\"M<>\"\\a/ry/ h**ad:>> a\\/:*?\"<>| li*tt|le|| la\"mb.?"; illegal = illegal.Trim(Path.GetInvalidFileNameChars()); illegal = illegal.Trim(Path.GetInvalidPathChars()); Console.WriteLine(illegal); Console.ReadLine(); } } }

    Read the article

  • Can a Silverlight application authenticate versus a local LDAP/ActiveDirectory Server

    - by caryden
    If I have an externally hosted application (www.outside.com) outside the firewall but users within a company wanted to be able to enable LDAP authentication against their local (behind the firewall) AD server (acting as LDAP) or other LDAP server (call it ldap.inside.com), how would this be done. It seems technically possible in that when a user tried to login to outside.com through a client-side silverlight interface, that the SL app could connect to the outside.com login service and be told to authenticate that user against ldap.inside.com. The SL app would make the calls to ldap.inside.com to authenticate the user. Of course, there is the issue of how the server is notified securely that the client authenticated itself...Has anyone done this?

    Read the article

  • Extending GroupPrincipal and Members property

    - by Paolo Tedesco
    I want to extend the GroupPrincipal class to handle some custom properties: using System.DirectoryServices.AccountManagement; [DirectoryRdnPrefix("CN")] [DirectoryObjectClass("group")] public class MyGroupPrincipal : GroupPrincipal { // ... } How could I override the Members property for MyGroupPrincipal so that if it has a member that is a group an instance of MyGroupPrincipal and not of GroupPrincipal is returned? I would like to write e.g. MyGroupPrincipal group = GetGroup(); foreach (var m in group.Members) { if (m is MyGroupPrincipal) { // always fails: m is a normal GroupPrincipal // do something } }

    Read the article

  • TFS - How much nesting on disk structure

    - by NealWalters
    We just got TFS installed and ready go. I'm trying to decide on the disk structure. Let's suppose I have two BizTalk projects called Common and BookTransfer (in actuality I have 7). [At this client, we adopted the style of having schemas, orchs, maps in one project called BizTalk.Artifacts]. A folder with the name "components" is C# code. We are using a CodePlex tool called BizTalk deployment framework which somewhat dictates part of the structure. I'm trying to decide how much nesting we should do on the disk directories (EC is the application name, and Common/BookTransfer or BizTalk Applications separated out for easier deploy/undeploy). Proposal #1: -EC - Main - Source - Common - Company.EC.Common.Biztalk.Artifacts [folder] - Company.EC.Common.BizTalk.Components [folder] - Company.EC.Common.Biztalk.Deployment [folder] - Company.EC.BookTransfer.BizTalk.sln - BookTransfer - Company.EC.BookTransfer.BizTalk.Artifacts [folder] - Company.EC.BookTransfer.BizTalk.Components [folder] - Company.EC.BookTransfer.BizTalk.Components.UnitTest [folder] - Company.EC.BookTransfer.BizTalk.Deployment [folder] - Company.EC.BookTransfer.BizTalk.sln Proposal #2 - a flatter approach -EC - Main - Source - Company.EC.Common.BizTalk.sln - Company.EC.BookTransfer.BizTalk.sln - Company.EC.Common.Biztalk.Artifacts [folder] - Company.EC.Common.BizTalk.Components [folder] - Company.EC.Common.Biztalk.Deployment [folder] - Company.EC.BookTransfer.BizTalk.Artifacts [folder] - Company.EC.BookTransfer.BizTalk.Components [folder] - Company.EC.BookTransfer.BizTalk.Components.UnitTest [folder] - Company.EC.BookTransfer.BizTalk.Deployment [folder] Current Structure (perhaps too many nested folders) Main Source Company EC Common BizTalk -Company .EC.Common.Biztalk.Artifacts [folder] -Company .EC.Common.BizTalk.Components [folder] -Company .EC.Common.Biztalk.Deployment [folder] Company.EC.BookTransfer.BizTalk.sln BookTransfer BizTalk Company.EC.BookTransfer.BizTalk.Artifacts [folder] Company.EC.BookTransfer.BizTalk.Components [folder] Company.EC.BookTransfer.BizTalk.Components.UnitTest [folder] Company.EC.BookTransfer.BizTalk.Deployment [folder] Company.EC.BookTransfer.BizTalk.sln Thanks, Neal Walters

    Read the article

  • Request a user's roles in AD when caller is not in domain

    - by grootjans
    I would like to get a user's group memberships in an ActiveDirectory, without being in the domain. When I run this inside the domain, all is well. var context = new PrincipalContext(ContextType.Domain); var principal = UserPrincipal.FindByIdentity(context, IdentityType.Name, "administrator"); foreach (var authorizationGroup in principal.GetAuthorizationGroups()) { Console.WriteLine(authorizationGroup.Name); } However, when I run outside the domain, I have to specify the PrincipalContext lie this: var context = new PrincipalContext(ContextType.Domain, "10.0.1.255", "DC=test,DC=ad,DC=be", "administrator", "password"); When I run this code, I get an exception when I execute principal.GetAuthorizationGroups(). The exception I get is: System.DirectoryServices.AccountManagement.PrincipalOperationException: Information about the domain could not be retrieved (1355). at System.DirectoryServices.AccountManagement.Utils.GetDcName(String computerName, String domainName, String siteName, Int32 flags) at System.DirectoryServices.AccountManagement.ADStoreCtx.LoadDomainInfo() at System.DirectoryServices.AccountManagement.ADStoreCtx.get_DnsDomainName() at System.DirectoryServices.AccountManagement.ADStoreCtx.GetGroupsMemberOfAZ(Principal p) at System.DirectoryServices.AccountManagement.UserPrincipal.GetAuthorizationGroupsHelper() at System.DirectoryServices.AccountManagement.UserPrincipal.GetAuthorizationGroups()

    Read the article

  • How to check whether a user belongs to an AD group and nested groups?

    - by elsharpo
    hi guys, I have an ASP.NET 3.5 application using Windows Authentication and implementing our own RoleProvider. Problem is we want to restrict access to a set of pages to a few thousand users and rathern than inputing all of those one by one we found out they belong to an AD group. The answer is simple if the common group we are checking membership against the particular user is a direct member of it but the problem I'm having is that if the group is a member of another group and then subsequently member of another group then my code always returns false. For example: Say we want to check whether User is a member of group E, but User is not a direct member of *E", she is a member of "A" which a member of "B" which indeed is a member of E, therefore User is a member of *E" One of the solutions we have is very slow, although it gives the correct answer using (var context = new PrincipalContext(ContextType.Domain)) { using (var group = GroupPrincipal.FindByIdentity(context, IdentityType.Name, "DL-COOL-USERS")) { var users = group.GetMembers(true); // recursively enumerate return users.Any(a => a.Name == "userName"); } } The original solution and what I was trying to get to work, using .NET 3.5 System.DirectoryServices.AccountManagement and it does work when users are direct members of the group in question is as follows: public bool IsUserInGroup(string userName, string groupName) { var cxt = new PrincipalContext(ContextType.Domain, "DOMAIN"); var user = UserPrincipal.FindByIdentity(cxt, IdentityType.SamAccountName, userName); if (user == null) { return false; } var group = GroupPrincipal.FindByIdentity(cxt, groupName); if (group == null) { return false; } return user.IsMemberOf(group); } The bottom line is, we need to check for membership even though the groups are nested in many levels down. Thanks a lot!

    Read the article

  • using a "temporary files" folder in python

    - by zubin71
    I recently wrote a script which queries PyPI and downloads a package; however, the package gets downloaded to a user defined folder. I`d like to modify the script in such a way that my downloaded files go into a temporary folder, if the folder is not specified. The temporary-files folder in *nix machines is "/tmp" ; would there be any Python method I could use to find out the temporary-files folder in a particular machine? If not, could someone suggest an alternative to this problem?

    Read the article

  • Get a list of members of a WinNT group (C#)

    - by Keith Moore
    There are a couple of questions similar to this on stack overflow but not quite the same. I want to open, or create, a local group on a win xp computer and add members to it, domain, local and well known accounts. I also want to check whether a user is already a member so that I don't add the same account twice, and presumably get an exception. So far I started using the DirectoryEntry object with the WinNT:// provider. This is going ok but I'm stuck on how to get a list of members of a group? Anyone know how to do this? Or provide a better solution than using DirectoryEntry?

    Read the article

  • compare two windows paths, one containing tilde, in python

    - by Steve Cooper
    I'm trying to use the TMP environment variable in a program. When I ask for tmp = os.path.expandvars("$TMP") I get C:\Users\STEVE~1.COO\AppData\Local\Temp Which contains the old-school, tilde form. A function I have no control over returns paths like C:\Users\steve.cooper\AppData\Local\Temp\file.txt My problem is this; I'd like to check if the file is in my temp drive, but I can't find a way to compare them. How do you tell if these two Windows directories; C:\Users\STEVE~1.COO\AppData\Local\Temp C:\Users\steve.cooper\AppData\Local\Temp are the same?

    Read the article

  • Replace text in folder names

    - by dannyb
    How can I replace the same text in folder names in linux? Say I have "Photos_Jun", "Photos_July", "Photos_Aug", etc. whats the simplest way I can rename them like "Photos Jun", "Photos July", etc (basically I want to replace the underscore with a space " ". I have about 200 of these folders. I was looking at solution: http://stackoverflow.com/questions/1836563/how-can-i-easily-bulk-rename-files-with-perl It looks like what im looking for however, I dont know how to make a regular expression to match folders that are alphanumeric followed by a "_". All files have non-numeric names, so I think [a-zA-Z] is the right way to start. perl -e 'foreach $f (glob("File\\ Name*")) { $nf = $f; $nf =~ s/(\d+)$/sprintf("%03d",$1)/e; print `mv \"$f\" \"$nf\"`;}' Thanks for any help!

    Read the article

  • Browsing a Folder

    - by Md. Rashim Uddin
    browser.BrowseObject(PIDLFromPath, NativeMethods.SBSP_ABSOLUTE); It works great in explorer, and for the common dialog. However, when running Office XP, it goes nuts. The view on the screen is refreshed, and shows the contents of the new folder correctly. However, the Combo Box up the top of the dialog still references the original IShellFolder object where the Context menu was initiated. How should I change this IShellFiolder object in the Combo Box?

    Read the article

  • LDAP Query with sub result

    - by StefanE
    I have been banging my head for quite a while with this and can't get it to work. I have a LDAP Query I do have working in AD Users and Computers but dont know how to do it programatically in C#. Here are my LDAP Query that works fine in the AD Tool: (memberOf=CN=AccRght,OU=Groups,OU=P,OU=Server,DC=mydomain,DC=com)(objectCategory=user)(objectClass=user)(l=City) I have used this code to get the user accounts to get members of CN=AccRght but I'm not succeeding on limiting users belonging to a specific city. public StringCollection GetGroupMembers(string strDomain, string strGroup) { StringCollection groupMemebers = new StringCollection(); try { DirectoryEntry ent = new DirectoryEntry("LDAP://DC=" + strDomain + ",DC=com"); DirectorySearcher srch = new DirectorySearcher("(CN=" + strGroup + ")"); SearchResultCollection coll = srch.FindAll(); foreach (SearchResult rs in coll) { ResultPropertyCollection resultPropColl = rs.Properties; foreach( Object memberColl in resultPropColl["member"]) { DirectoryEntry gpMemberEntry = new DirectoryEntry("LDAP://" + memberColl); System.DirectoryServices.PropertyCollection userProps = gpMemberEntry.Properties; object obVal = userProps["sAMAccountName"].Value; if (null != obVal) { groupMemebers.Add(obVal.ToString()); } } } } catch (Exception ex) { Console.Write(ex.Message); } return groupMemebers; } Thanks for any help!

    Read the article

  • need help passing multiple variables from foreach loop to test in switch case statement

    - by Brad
    $list_of_groups = array("FACULTY","STAFF"); foreach ($list_of_groups as $i => $group) { $user_in_group = $adldap->user_ingroup($username,$group); print "<h2>Group: ".$group." user in group? ".$user_in_group."</h2>"; // if 1, means yes } Need to print run the appropriate function based on what returns true. There are user's that are members of both FACULTY and STAFF groups, so I want to check for those users and display the appropriate content for them. So if the user is both faculty and staff, then display this, if they are only of staff, display that, same for faculty, might not make sense, but I will write out some code "in theory" that will help you understand what I am trying to do switch(Get group membership of user) { case "FACULTY": print "Faculty group member"; break; case "STAFF": print "Staff group member"; break; case "FACULTY and STAFF": print "Member of both faculty and staff"; break; } I am unsure on how it will check if they are members of both groups and run that thru the case statement to display the appropriate message. The foreach look currently runs thru every group the user belongs to, prints out the ones from the $list_of_groups and the number 1 to the right of it, signifying they belong to it. The problem I have is trying to use that information to run thru the case statement, I am unsure of how to go about that. This is what it prints out for the user currently passed thru the foreach loop: Group: FACULTY user in group? 1 Group: STAFF user in group? 1 Any help is appreciated.

    Read the article

  • System.DirectoryServices.AccountManagement not working on the server

    - by mlsteeves
    I am using System.DirectoryServices.AccountManagement to find the logged-in user's AD entry. It is working great in the VS2008 WebDev server on developers machines. But when we installed the code on the development server (windows server 2008), we get an access error. Both the developer's machine and the development server are members of the same domain. We have Impersonation turned on, so we are connecting to AD with the same user credentials. What are we missing here? Why is it working on the developer's machine, but not the development server? The actual exception that we were receiving was "An operations error occurred".

    Read the article

  • Use default credentials in order to call DirectoryEntry

    - by Copeleto
    Hi, I am working in a Login page and teh logic is like - try { DirectoryEntry LDAPLogin = new DirectoryEntry(ConfigurationSettings.AppSettings ["LDAPPath"].ToString(), Usuario, Txt_Contrasenia.Text.ToString()); if (LDAPLogin.NativeGuid != LDAPLogin.Name) ValidarGrupo(); } catch (Exception exc) { Label_Info.Text = "Sus credenciales no son validas: " + Usuario.ToString() + " " + exc.Message; } If the user enters the rights credentials I call a method ValidarGrupo that implements a lookup in the AD for a group of the user I would like to replace the username and password with UseDefaultCredentials in order to avoid that the user has to enter the username and password and the Login pages use the credentials of the user that is login on the machine.

    Read the article

  • Unlocking Locked Out accounts using PowerShell (not with Quest AD cmdlets)

    - by Jonny
    I'm writing a GUI tool using PowerShell that is able to do most AD related tasks with just a user name and button click. I've done all the usual ones (Create / Remove Users, Create / Remove Security & Distribution Groups, Resetting Passwords, etc) but can't find away of unlocking a "Locked Out" account. I'm trying to do this without using Quest AD cmdlets as I want a more stand alone solution. So I'm wondering whether is possible with plain PowerShell (1.0 or 2.0) in a Windows 2003 Domain. Many thanks.

    Read the article

< Previous Page | 162 163 164 165 166 167 168 169 170 171 172 173  | Next Page >