I am trying to authenticate using active directory and C#. The code is working on IIS Express under Visual Studio 15 but when I deploy my project to an IIS server, the LDAP connection returns the following error :
"The Supplied Credential is invalid"
Here is the code I am using:
public static dynamic AuthenticationUser(string username, string password)
{
bool validation;
try
{
var credentials = new NetworkCredential(username, password, "somedomain");
var serverId = new LdapDirectoryIdentifier("someserver");
LdapConnection conn = new LdapConnection(new LdapDirectoryIdentifier((string)null, false, false));
conn.Credential = credentials;
conn.AuthType = AuthType.Negotiate;
conn.Bind(credentials);
validation = true;
}
catch (LdapException ex)
{
validation = false;
return ex.Message;
}
Everything is OK when I debug with Visual Studio, I can verify and validate that the user exists on the AD server, but with IIS server the error occurs.
Update
I fixed this issue by disabling the domain controller on the IIS server.
I fixed this issue by disabling the domain controller on the IIS server.
Related
I am creating a simple console application that connect to SharePoint Server 2016. However, I receiver error 401 unauthorized when it gets to context.ExecuteQuery. I have no issues connecting to SharePoint Online. The issue is perculiar to SharePoint Onpremise. Below is my code
string siteUrl = "http://abc.mysharepoint.local/sites/mysite";
string userName = "myname#domain.com";
string pwd = "mypassword";
string domain = "domain.com";
using (ClientContext ctx = new ClientContext(siteUrl))
{
try
{
ctx.AuthenticationMode = ClientAuthenticationMode.Default;
ctx.Credentials = new System.Net.NetworkCredential(userName, pwd, domain);
ctx.Load(ctx.Web, w => w.Title, w => w.Description);
ctx.ExecuteQuery();
Console.WriteLine(ctx.Web.Title);
}
catch (Exception ex)
{
Console.WriteLine($"{ex.Message} ");
}
}
Please what could be the possible cause and how to resolve it. I have full admin right to the site and can access the site from the browser. I have the IP to the server configured on my computer host file.
I have checked the SharePoint Server and can confirm I have access and everything looks okay. I also tried with the credentials of a service account but am still getting same 401 unauthorized error though I have full admin access to the site.
I am coding an C# app that should connect to Exchange Server 2013 on-premise (Servers Location is not in our Company). I`ve got an account (User and Pass) with readonly admin-rights for now and want to read and set OutOfOffice Objects for other users. I decide to use EWS Managed API over Autodiscovery but I am bit confuse how.
I tried to connect with "service.UseDefaultCredentials = true" and read contacts -> this works.
try
{
ExchangeService _service = new ExchangeService(ExchangeVersion.Exchange2013_SP1);
_service.Credentials = new WebCredentials("service.exchange", "1234", "domain");
_service.TraceEnabled = true;
_service.TraceFlags = TraceFlags.All;
_service.UseDefaultCredentials = true;
_service.AutodiscoverUrl("user2#domain.net", RedirectionUrlValidationCallback);
foreach (Contact contact in _service.FindItems(WellKnownFolderName.Contacts, new ItemView(2)))
{
var test = contact;
}
}
catch (Exception exception)
{
Console.WriteLine(exception);
}
After that I tried the same with _service.UseDefaultCredentials = false; got error -> "The Autodiscover service couldn't be located." I am not shure if this "direct log on" is the right way, On msdn I've read about "delegate access" and "Impersonation" (NTLM and Basic Authentication) I'am a bit confused. Can anybody help me?
I wrote C# code to get email from Active Directory. It is working fine on my local system, but after hosting I am not getting email address. Followings are the things I already tried -
Changed application pool identity to NetworkService
Enabled Windows and Digest Authentications (both at the same time and one by one too)
Code:
using (PrincipalContext pc = new PrincipalContext(ContextType.Domain, "comppany.com" , "DC=compnay,DC=com", ContextOptions.Negotiate))
// tried above and below//(ContextType.Domain, System.Net.NetworkInformation.IPGlobalProperties.GetIPGlobalProperties().DomainName))
{
// validate the credentials
bool isValid = pc.ValidateCredentials(Uid, Pwd);
if (isValid)
{
try
{
using (UserPrincipal up = UserPrincipal.FindByIdentity(pc, Uid))
{
return up != null && !String.IsNullOrEmpty(up.EmailAddress) ? up.EmailAddress : string.Empty;
}
//return "Validate successfully.";
}
catch (Exception ex)
{
return ex.Message;
}
}
}
Also tried following -
using (var connection = new DirectoryEntry())
{
using (var search = new DirectorySearcher(connection)
{
Filter = "(samaccountname=" + Uid + ")",
PropertiesToLoad = { "mail" },
})
{
return (string)search.FindOne().Properties["mail"][0];
}
}
None of them are working after hosting the app in IIS7.0
Please help.
Thanks
It will be because your user (i.e. you) will have rights to read from Active Directory, but the IIS user and Network Service won't.
Put a try catch round the using statement thing and you should see this in the exception.
There are alternative PrincipalContext constructors that allow you to specify the details of the user to connect as, or you could change the IIS app pool to run as a user with rights - I'd go with the PrincipalContext way though.
As a quick test try this version of the PrincipalContext constructor - put your username and password in the username and password paramemetrs and see if it works when hosted in IIS - if this works then you need to come up with some way of passing the user details in via config. (Generally a service account with only the rights to read, whose password does not change often is used for this)
I have an ASP MVC4 site. I have to create a folder on ftp server and I use this code:
FtpWebRequest ftpWebRequest = (FtpWebRequest)WebRequest.Create("ftp://mysite.altervista.org/newfolder");
ftpWebRequest.Method = WebRequestMethods.Ftp.MakeDirectory;
ftpWebRequest.UsePassive = true;
ftpWebRequest.EnableSsl = true;
ftpWebRequest.Credentials = new NetworkCredential("userTest", "psw123456");
ftpWebRequest.KeepAlive = true;
ftpWebRequest.UseBinary = true;
using (var resp = (FtpWebResponse)ftpWebRequest.GetResponse())
{
Console.WriteLine("Result: " + resp.StatusCode);
}
When I run my site in localhost everything works fine, but when I Publish my site to Azure Website, it returns me an exception: "The remote server returned an error: (530) Not logged in."
I think that the problem is not in my code, do I have to change some setting in Azure?
Thank you in advance
remove below 2 lines and try again
ftpWebRequest.UsePassive = true;
ftpWebRequest.EnableSsl = true;
Have tried to check some settings in your FTP server? Maybe, the incoming connections are blocked.
I have a client who is implementing customer portals in Sharepoint 2013 Online. The current program distributes documents to the customers by mail. Now we have to upload the documents to the customer portal.
I try to use the copy webservice in sharepoint. I created a test project and added the webservice as Web Reference and wrote the following testcode:
static void Main(string[] args)
{
string baseUrl = "https://mycustomer.sharepoint.com/sites/";
string customer = "customerportalname";
string serviceUrl = "/_vti_bin/copy.asmx";
string destinationDirectory = "/folder/";
string fileName = "uploaded.xml";
string username = "username#outlook.com";
string password = "password";
XmlDocument xmlDocument = new XmlDocument();
xmlDocument.LoadXml("<fiets><onderdeel>voorwiel</onderdeel><onderdeel>achterwiel</onderdeel><onderdeel>trappers</onderdeel><onderdeel>stuur</onderdeel><onderdeel>frame</onderdeel></fiets>");
byte[] xmlByteArray;
using (MemoryStream memoryStream = new MemoryStream())
{
xmlDocument.Save(memoryStream);
xmlByteArray = memoryStream.ToArray();
}
string destinationUrl = string.Format("{0}{1}{2}{3}", baseUrl, customer, destinationDirectory, fileName);
string[] destinationUrlArray = new string[] { destinationUrl };
FieldInformation fieldInfo = new FieldInformation();
FieldInformation[] fields = { fieldInfo };
CopyResult[] resultsArray;
using (Copy copyService = new Copy())
{
copyService.PreAuthenticate = true;
copyService.Credentials = new NetworkCredential(username, password);
copyService.Url = string.Format("{0}{1}", baseUrl, serviceUrl);
copyService.Timeout = 600000;
uint documentId = copyService.CopyIntoItems(destinationUrl , destinationUrlArray, fields, xmlByteArray, out resultsArray);
}
}
When I execute the code I recieve the following error:
The request failed with the error message:
--
<html><head><title>Object moved</title></head><body>
<h2>Object moved to here.</h2>
</body></html>
--
It looks like I'm not authenticated and get redirected. The credentials however are correct.
Does anyone have an idea? Thanks in advance!
UPDATE
To be able to connect to SharePoint 2013 Online you have to attach the Office 365 authentication cookies as explained in this post.
My problem however is that there is also an ADFS involved. How can I autheticate against the ADFS?
This error most probably occurs due to incorrect authentication mode.
Since SharePoint Online (SPO) uses claims-based authentication, NetworkCredential Class can not be utilized for authentication in SPO.
In order to perform the authentication against the ADFS in SPO you could utilize SharePointOnlineCredentials class from SharePoint Online Client Components SDK.
How to authenticate SharePoint Web Services in SharePoint Online (SPO)
The following example demonstrates how to retrieve authentication cookies:
private static CookieContainer GetAuthCookies(Uri webUri, string userName, string password)
{
var securePassword = new SecureString();
foreach (var c in password) { securePassword.AppendChar(c); }
var credentials = new SharePointOnlineCredentials(userName, securePassword);
var authCookie = credentials.GetAuthenticationCookie(webUri);
var cookieContainer = new CookieContainer();
cookieContainer.SetCookies(webUri, authCookie);
return cookieContainer;
}
Example
string sourceUrl = "https://contoso.sharepoint.com/Documents/SharePoint User Guide.docx";
string destinationUrl = "https://contoso.sharepoint.com/Documents/SharePoint User Guide 2013.docx";
FieldInformation[] fieldInfos;
CopyResult[] result;
byte[] fileContent;
using(var proxyCopy = new Copy())
{
proxyCopy.Url = webUri + "/_vti_bin/Copy.asmx";
proxyCopy.CookieContainer = GetAuthCookies(webUri, userName, password);
proxyCopy.GetItem(sourceUrl,out fieldInfos,out fileContent);
proxyCopy.CopyIntoItems(sourceUrl,new []{ destinationUrl}, fieldInfos, fileContent, out result);
}
References
Remote Authentication in SharePoint Online Using Claims-Based
Authentication
SharePoint Online Client Components SDK
In my case (on premise) i have that error. when i changed at iis SharePoint authentication for web application , and disable "Forms Authentication". Now, i canĀ“t enter to SharePoint by UI, but the Web Service works... So I have revert and I have been looking and...
[Paul stork] The Web Application for this site is running in Classic Mode rather than Claims mode. This can happen if you create the web app using Powershell or upgrade from 2010. You can use PowerShell to change it.
http://technet.microsoft.com/en-us/library/gg251985.aspx
I have tried the Web Service in another new application created by UI in Central Administration (in same farm) and it had worked. The problem was the web application.
To try:
http://sharepointyankee.com/2011/01/04/the-request-failed-with-the-error-message-object-moved-sharepoint-2010-web-services-fba/
Extend your mixed authentication web application, and create a zone just for Windows Authentication, then change the Web Reference URL in the properties of your web service, to use that extended URL and port. You should have no issues of this kind anymore.