I'm trying to get my program checking Active Directory to see if the user is a member of certain groups. I got it working, tested, etc. So I was very surprised when I deployed the program (just copying the .exe to their computer as I have in the past) and it wouldn't work for anyone!
I've tried it from multiple computers under multiple users, and it only runs under my username, but then works fine from any computer when *I* log in. I had a coworker with the same local and domain privileges and group memberships as me log into a computer and it wouldn't even work under her login! The group-checking function is done under a method called authenticateUse r(), and if I just skip the call to that method the program works fine when deployed to all users - so that rules out file-level security. I'm fresh out of ideas and can't seem to find anything online. If anyone knows offhand what might be the problem that'd be great. Is there a way to debug from VS05 under a different user-name? That way I could at least track down more detail on the problem. Only other detail I can think to mention is that this is the first change I've made since migrating to a Vista machine, which I *hate* btw (still with VS05). Let me know if you have any ideas, my code is below:
I've tried it from multiple computers under multiple users, and it only runs under my username, but then works fine from any computer when *I* log in. I had a coworker with the same local and domain privileges and group memberships as me log into a computer and it wouldn't even work under her login! The group-checking function is done under a method called authenticateUse r(), and if I just skip the call to that method the program works fine when deployed to all users - so that rules out file-level security. I'm fresh out of ideas and can't seem to find anything online. If anyone knows offhand what might be the problem that'd be great. Is there a way to debug from VS05 under a different user-name? That way I could at least track down more detail on the problem. Only other detail I can think to mention is that this is the first change I've made since migrating to a Vista machine, which I *hate* btw (still with VS05). Let me know if you have any ideas, my code is below:
Code:
private void authenticateUser()
{
DirectoryEntry de = new DirectoryEntry();
de.Path = "WinNT://myDomain/" + SystemInformation.UserName.ToString() + ",user";
_Teller = de.Properties["FullName"].Value.ToString();
_Client = SystemInformation.ComputerName.ToString();
Program._Teller = _Teller;
//THE ABOVE WORKS FINE TO FIND THE LOGGED-IN USER'S NAME, HAS BEEN IN PRODUCTION FOR SEVERAL VERSIONS
DirectoryEntry DE = new DirectoryEntry("LDAP://myDomain.com");
DirectorySearcher search = new DirectorySearcher();
search.SearchRoot = DE;
search.Filter = "(givenName=" + SystemInformation.UserName.ToString() + ")";
search.PropertiesToLoad.Add("memberOf");
// THE ABOVE IS NEW, ALONG WITH ANYTHING RELATED BELOW
try
{
SearchResult result = search.FindOne();
//I THINK THE ABOVE LINE IS WHERE THE FAILURE ULTIMATELY OCCURS
int propertyCount = result.Properties["memberOf"].Count;
string dn;
for (int propertyCounter = 0; propertyCounter < propertyCount; propertyCounter++)
{
dn = (string)result.Properties["memberOf"][propertyCounter];
try { dn = dn.Replace("CN=", ""); } catch { }
try { dn = dn.Replace("OU=", ""); } catch { }
try { dn = dn.Remove(dn.IndexOf(",")); } catch { }
switch (dn)
{
case "Auditor":
if (_SupervisorLevel < 2) { _SupervisorLevel = 2; }
break;
case "Cashier":
if (_SupervisorLevel < 3) { _SupervisorLevel = 3; }
break;
case "Supervisor":
if (_SupervisorLevel < 5) { _SupervisorLevel = 5; }
break;
case "Assistant Manager":
if (_SupervisorLevel < 7) { _SupervisorLevel = 7; }
break;
case "Manager":
if (_SupervisorLevel < 9) { _SupervisorLevel = 9; }
break;
}
}
}
catch (Exception ex)
{
throw new Exception("Error: " + ex.Message);
}
if (_SupervisorLevel == 2)
{
//Do Stuff
}
if (_SupervisorLevel >= 3)
{
//Do Stuff
}
if (_SupervisorLevel >= 5)
{
//Do Stuff
}
}
Comment