LDAP Authenticating Tweaks Needed

[drweb]

Hey All,

I have scoured the site and googled until my head hurt but still stuck. Basically I am trying to get this ASP code to work in order to get the current windows username and check their domain group membership and based on which group it will redirect them to a proper page or redirect to a custome denial page. Here is what I have so far in my ASP page. Do I have things in wrong locations or is it even possible. BTW - IIS on 2000 member server with basic authentication set for now and MDAC 2.8 on each side.
I currently get a failure on the bolded line


<%@ language="VBSCRIPT" %>
<%
MemberGodGroup = IsAMember("Domain-Admins")
If (MemberGodGroup ) Then
response.write("hello")
End If

Function IsAMember(strGroup)
Dim strUserID ' The User ID in context
Dim strPath ' The namespace path (where to get information)
Dim objUserInfo ' Where the user information is kept
Dim objGroup ' A collection containing group users
Dim blnInGroup ' Is this person a member of the group?

strUserID = ucase(Request.ServerVariables("AUTH_USER"))

strUserID = Mid(strUserID,(instr(1,strUserID,"\")+1),len(strUserID))

strPath = "WinNT://mydomain/" & strUserID & ",user"

'Get the information.
Set objUserInfo = GetObject(strPath)

IsAMember = False

'Redefine the query to get all the members of the Need2Know group
strPath = "WinNT://mydomain/" & strGroup & ",group"

'Ask NT to give us all the members of the group in question
Set objGroup = GetObject(strPath)

'Iterate through the group members
for each objUserInfo in objGroup.Members
' Determine if the page requestor is a member of the provider group
if ucase(objUserInfo.Name) = strUserID Then
' Yes, this requestor is...
IsAMember = True
' Exit this loop when found
Exit For
end If
Next

End Function

%>

<html>
<head>
<meta name="GENERATOR" content="Microsoft FrontPage 5.0">
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>testing for group membership</title>
</head>
<body>

<!-- Insert HTML here -->

</body>
</html>


Thanks in advanced
Clay

 

[Sheco]

Try putting this:
Response.Write "strPath = " & strPath

Put it right above the line that makes the error.

It is possible that the variable doesn't contain what it should... for example if AUTH_USER is blank...

 

[drweb]

I tried adding your tip to multiple places in the page. But am still getting an Error Type0x80005000) on the same line in my original post Set objUserInfo = GetObject(strPath)

I think it can't bind to active directory or find it in order set the strPath but I am new to any LDAP stuff in asp.

Thanks
Clay

 

[tsuji]

>I tried adding your tip to multiple places in the page. But am still getting an Error Type0x80005000) on the same line in my original post Set objUserInfo = GetObject(strPath)

You sure get the same error at the same place. What you are requested to verify is whether response.write strPath shows you the sensible result you are expected. Or I would more appropriate to check strUserID!

In fact this line:
[tt] Set objUserInfo = GetObject(strPath)[/tt]
is absolutely immaterial. You should simply delete it altogether.

You are using objUserInfo at some lines after as the member object's name!
>[tt] for each objUserInfo in objGroup.Members[/tt]
So what's for the former setting up of objUserInfo?

 

[drweb]

Thanks for the reply tsuji. I did remove the statement you mentioned as immaterial. I then get an error on line 30 which is Set objGroup = GetObject(strPath).
It acts like it doesn't know what strPath is even though I have is set to = "WinNT://mydomain/" & strUserID & ",user"

 

[tsuji]

[1] So, do you get anything out of strUserId? Does it show something?
[2] You do not mean to set up objGroup with the strPath of user?! or do you?