November Happy Hour will be moved to Thursday December 5th.

Active Directory Group Search

Vote:
 

Getting the following error when trying to search AD groups from within EpiServer, It seems that if I search for users it works fine.

Anyone come across this problem before? My supplier is telling me its a CMS6.0 Bug.

Thanks

Stefan

[DirectoryServicesCOMException (0x80072030): There is no such object on the server.
]
   System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail) +377678
   System.DirectoryServices.DirectoryEntry.Bind() +36
   System.DirectoryServices.DirectoryEntry.get_AdsObject() +31
   System.DirectoryServices.PropertyCollection.Contains(String propertyName) +24
   EPiServer.Security.AdsiDataFactory.CreateDirectoryDataFromDirectoryEntry(DirectoryEntry entry) +171
   EPiServer.Security.AdsiDataFactory.GetEntry(String distinguishedName) +141
   EPiServer.Security.ActiveDirectoryRoleProvider.GetAllRoles() +144
   EPiServer.Security.MultiplexingRoleProvider.GetAllRoles() +100
   System.Web.Security.Roles.GetAllRoles() +39
   EPiServer.Security.VirtualRoles.FilteredRoles(Func`2 filterCondition) +350
   EPiServer.Security.VirtualRoles.FindRoles(String roleName) +108
   EPiServer.UI.Edit.MembershipBrowser.PopulateGroupsUserList(String name, String email) +117
   EPiServer.UI.Edit.MembershipBrowser.OnLoad(EventArgs e) +166
   System.Web.UI.Control.LoadRecursive() +50
   System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +627

#57154
Feb 28, 2012 16:21
Vote:
 

Hi, 

Have a look at below blog post. 

http://world.episerver.com/Blogs/Leif-Bostrom/Dates/2010/7/Exposing-the-root-cause-of-ActiveDirectoryRoleProvider-errors/

Hope it helps!  

 

#57170
Feb 29, 2012 17:05
Vote:
 

We managed to solve the problem by changing how the AD connection was setup (web.config), the key was EPsLdapRootContext, previously episerver was scanning several domains and hundreds of groups. Now its only scanning what it needs too. We now have a performance increase and any invalid groups that are added outside of the Episerver group will not affect the intranet.

<addkey="EPsLdapServer"value=LDAP://ADSERVERNAME/">
<addkey="EPsLdapDomain"value="DC=domain,DC=com"/>
<addkey="EPsLdapUser"value="username"/>
<addkey="EPsLdapPassword"value="password"/>
<addkey="EPsLdapRootContext"value="DC=domain,DC=com,OU=CommonGroups,OU=EpiServer "/>
<addkey="EPnLdapAuthenticationType"value="1158"/>
<addkey="EPfLdapAuthenticateWithBind"value="False"/>
<addkey="EPsLdapServerType"value=""/>

 Thanks for your response, Hope this helps others.

Stefan

 

#57214
Mar 02, 2012 11:27
This thread is locked and should be used for reference only. Please use the Episerver CMS 7 and earlier versions forum to open new discussions.
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.