They say it all boils down to security. It’s the account used by ASP.NET. It’s setting . It’s the way you set up ADAM.
It’s making sure that the ADAM user you are logging in with is a member of the Readers role.
It’s making sure that when attempting to create a System.DirectoryServices.DirectoryEntry, the ADAM username you are trying to bind with is the DN of the username, not the CN or anything else.
It’s making sure that when trying to create that DirectoryEntry to bind with an ADAM user, you set the AuthenticationTypes to None.
Yes, dear reader, it’s all of those. But, if like me you still find yourself with the “Unknown error”, and you’ve played with Reflector and walked through System.DirectoryServices, and googled “ADsOpenObject 0×80005000” and you’ve wept, and shaken your fist–keep going.
If you’ve ghosted your machine back to August 2003 to get rid of the Framework 2.0 beta you installed a few weeks back to play with Monad, and you still get the “Unknown error”, keep going.
If you’ve reinstalled ADAM twelve times, then created a fresh VMWare guest of 2003 with all the trappings, installed ADAM, run your code, and you still get the “Unknown error”, keep going.
When, after 24 hours of frustration, seditious thoughts of the quality of System.DirectoryServices.dll going through your head, you find yourself contemplating a switch to Linux, relax. I have an answer for you:
It’s “LDAP://”, not “ldap://”.
Yeah, I’m that serious.
So, here are the details. I created an ADAM instance with the following application partition:
CN=whywont,DC=this,DC=work
I then went in, and created a user:
CN=please tell me
which has the DN:
CN=please tell me, CN=whywont, DC=this, DC=work
I gave this user a password, and made sure to add it to the CN=Readers group, in the CN=Roles,CN=whywont,DC=this,DC=work container. I configured a virtual directory with in the web.config, only anonymous authentication enabled, and a low privilege account with access to ADAM as the login. Now for the code:
DirectoryEntry entry = new DirectoryEntry( “ldap://localhost:389/CN=whywont,DC=this,DC=work”,
“CN=please tell me, CN=whywont, DC=this, DC=work”,
“password”,
AuthenticationTypes.None )try
{
object adsi = entry.NativeObject ;
…
Result: Unknown error (0×80005000). But if you change the path to “LDAP://localhost…”, it works.
I’ve been speechless for nearly 2 hours now.
