Q; Accessing AD in ASP.Net

Re: Q; Accessing AD in ASP.Net

On Jul 12, 2:50 am, JIM.H. <J...@discussio ns.microsoft.co mwrote:1. Active Directory must be compatible with your computer, I guess.
2. In most cases you would need to have a domain user.
3. No, you can delegate rights to create users in AD to non-domain
admins
4. In AD

I suggest you post in microsoft.publi c.windows.serve r.active_direct ory
or a similar, for more expert help with this, as it's something you'd
need to manage in AD rather than at the ASP.NET.

Also please check threads in microsoft.­publ ic.­dotnet.­fra mework.­
aspnet.­securit y

Hope this helps

Re: Q; Accessing AD in ASP.Net

"JIM.H." <JIMH@discussio ns.microsoft.co mwrote in message
news:7303E2E3-AABB-4A6A-B403-5886D678032D@mi crosoft.com...
Not usually. So long as you're using ASP.NET 3.5, you'll be able to query
all existing Active Directory catalogs...
Yes. The default account under which ASP.NET runs normally does not have
sufficient privilegs to be able to query Active Directory. However, any
domain user account usually does. You might want your web app to run under a
domain user account via impersonation, or just the subection which queries
AD - there are dozens of articles on the web about running ASP.NET under
different accounts to gain (temporary) access to more privileged
resources...
Doesn't need to be a domain admin just to query Active Directory. However,
actions which involve writing to Active Directory usually require more
elevated privileges than come as standard with a domain user account.
Impossible to tell in your particular case without knowing how your network
security has been configured...
Generally speaking, a domain user account will have read access to AD
only...

You might get a better response if you post in:
microsoft.publi c.adsi.general. Basically, anything Joe Kaplan tells you can
be taken as gospel...


--
Mark Rae
ASP.NET MVP