LDAP Problems with WSS 3.0 SP1

Apr 27, 2009 at 6:18 AM
Hello,

I have managed to install all shipped files and I have activated all features. But I still have problems connecting to the AD.
Here is a little list about what I have done:

  1. I couldn't get the gacutil to work, so I have dragged and dropped the OrbitOne.SharePoint.Provision.WebParts.dll file into the C:\WINDOWS\assembly directory. I hope that has the same effect.
  2. After that I've started the batch file:
  3. rem gacutil /i OrbitOne.SharePoint.Provision.WebParts.dll

    xcopy files\*.* "C:\Programme\Gemeinsame Dateien\Microsoft Shared\web server extensions\12\TEMPLATE" /S /Y

    stsadm.exe -o  installfeature -filename "GeneralWebPart\Feature.xml" -force

    stsadm.exe -o  installfeature -filename "ChangeYourPassword\Feature.xml" -force

    stsadm.exe -o  installfeature -filename "CreateNewUser\Feature.xml" -force

    stsadm.exe -o  installfeature -filename "SiteCollectionADSetting\Feature.xml" –force

  4. The last line seems not to work...

  5. After that I have added the SafeControls into the WebConfig file of the application in which the Account Provision should work:

  6. <SafeControls>

     

    <SafeControl Assembly="OrbitOne.SharePoint.Provision.WebParts, Version=1.0.0.0, Culture=neutral, PublicKeyToken=69c5ad41d2c8b10f" Namespace="OrbitOne.SharePoint.Provision.WebParts" TypeName="GeneralWebPart" Safe="True" />

    <SafeControl Assembly="OrbitOne.SharePoint.Provision.WebParts, Version=1.0.0.0, Culture=neutral, PublicKeyToken=69c5ad41d2c8b10f" Namespace="OrbitOne.SharePoint.Provision.WebParts" TypeName="ChangePasswordWebPart" Safe="True" />

    <SafeControl Assembly="OrbitOne.SharePoint.Provision.WebParts, Version=1.0.0.0, Culture=neutral, PublicKeyToken=69c5ad41d2c8b10f" Namespace="OrbitOne.SharePoint.Provision.WebParts" TypeName="CreateUserWebPart" Safe="True" />

    <SafeControl Assembly="OrbitOne.SharePoint.Provision.WebParts, Version=1.0.0.0, Culture=neutral, PublicKeyToken=69c5ad41d2c8b10f" Namespace="OrbitOne.SharePoint.Provision.WebParts" TypeName="SiteCollectionADSettingWebPart" Safe="True" />

     

    </SafeControls>

  7. Then I've activated the features. Like above, the last line seems not to work:

     
  8. stsadm -o activatefeature -filename "GeneralWebPart\Feature.xml" -url "https://test.domain.local"

    stsadm -o activatefeature -filename "ChangeYourPassword\Feature.xml" -url "https://test.domain.local"

    stsadm -o activatefeature -filename "CreateNewUser\Feature.xml" -url "https://test.domain.local"

    stsadm -o activatefeature -filename "SiteCollectionADSetting\Feature.xml" -url "https://test.domain.local"

  9. The described features are accessible from the site test.domain.local, but when I try to enter the LDAP connection string I get an error message: Cannot connect using this connection string.

  10. I have used this string: LDAP://service.ad.com/OU=Extern,DC=service,DC=ad,DC=com. In the OU field I've added: Container

  11. It's the same connection string as the one in the WebConfig, which I use to connect to the AD Membership Provider. The users are in the OU=Container.

  12. The application pool user has enough rights. I've tried this with the AD tool which is shipped in the ZIP file.

Thanks for your help!

Apr 27, 2009 at 1:34 PM
Hi TheOrk,

Thanks for the detailed report!
I'll answer as best as I can.

1. Correct, that's the same.
2, 3. Correct.
4. This indeed doesn't work; the last feature is automatically activated as part of "CreateNewUser". I'll correct this.
5, 6. Correct.
7, 8. See 4. SiteCollectionADSetting does not need to be activated on its own.
12. Great.

9,10,11. The error means that the connection string is not entirely correct. With a connection string like that you should have the following structure in AD:
Domain: service.ad.com
--- OU: Extern
--------- OU: Container

Is that the case?

Apr 28, 2009 at 8:15 AM
Hi melg,

Thanks for the quick answers!

Yes, the structure is correct. We have an OU for all things "extern" and below this lies the OU "container" where the SharePoint users are.

Any idea?

greetz TheOrk

Apr 28, 2009 at 1:34 PM
Hi TheOrk,

I'm not sure what could be the problem. 
The test to see if the connection string is valid is to create a DirectoryEntry object and to request its name. Could you try this with the code below in a console application outside SharePoint and see if it works? You will need to add a reference to System.DirectoryServices.

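using System;
using System.Collections.Generic;
using System.DirectoryServices;

class Program
{
    public static void Main()
    {
        // Binds with the credentials of the account running this program.
        DirectoryEntry root = new DirectoryEntry("LDAP://service.ad.com/OU=Extern,DC=service,DC=ad,DC=com");
        // Reading Name forces the bind; an invalid path or a failed bind throws here.
        Console.WriteLine(root.Name);
        // Keep the console window open until a key is pressed.
        Console.Read();
    }
}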
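
Added example, not part of the original thread and not OrbitOne code: a console variant of the test above that probes both the base connection string and the path with the OU field prepended, and reports the ADSI error code so that a wrong DN can be told apart from a rejected account or an unreachable server. The `Combine` helper and the idea that the OU field is prepended to the connection string are assumptions made for illustration; the paths are the ones quoted in the thread.

```csharp
using System;
using System.DirectoryServices;          // requires a reference to System.DirectoryServices
using System.Runtime.InteropServices;

class LdapPathCheck
{
    // Hypothetical helper: prepend the OU field to the DN of the base connection string.
    static string Combine(string basePath, string ou)
    {
        int slash = basePath.IndexOf('/', "LDAP://".Length);
        if (slash < 0) throw new ArgumentException("no DN in path: " + basePath);
        return basePath.Substring(0, slash + 1) + "OU=" + ou + "," + basePath.Substring(slash + 1);
    }

    static void Probe(string path)
    {
        try
        {
            using (DirectoryEntry entry = new DirectoryEntry(path))
            {
                // The constructor does not contact the server; reading Name forces the bind.
                Console.WriteLine("OK    {0} -> {1}", path, entry.Name);
            }
        }
        catch (COMException ex)
        {
            string hint;
            switch ((uint)ex.ErrorCode)
            {
                case 0x80072030: hint = "no such object: the DN does not exist as written"; break;
                case 0x8007052E: hint = "logon failure: the account running this process was rejected"; break;
                case 0x8007203A: hint = "server not operational: host name, DNS or port problem"; break;
                default: hint = ex.Message; break;
            }
            Console.WriteLine("FAIL  {0} -> 0x{1:X8} {2}", path, ex.ErrorCode, hint);
        }
    }

    static void Main()
    {
        string basePath = "LDAP://service.ad.com/OU=Extern,DC=service,DC=ad,DC=com";
        Probe(basePath);                        // the string entered in the web part
        Probe(Combine(basePath, "Container"));  // base string plus the OU field (assumed composition)
    }
}
```

Run it under the application pool account rather than an administrator login, since `DirectoryEntry(path)` binds with the identity of the calling process and the result is only comparable to the web part's if the identity is the same.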