Hi All,
I'm getting some error messages, while trying to pull back a list of users
from our AD - I'm guessing it's a security issue (because it works correctly
when running as domain admin, so hoping someone can point me in the right
direction.
The code :
DirectoryEntry objDirEntry = new
DirectoryEntry("LDAP://domain/OU=Users,OU=MyOU,DC=domain,DC=local");
DirectorySearcher objSearch = new DirectorySearcher(objDirEntry);
objSearch.Filter = "(&(mailnickname=*)(objectClass=user))";
try
{
SearchResultCollection results = objSearch.FindAll();
}
catch (Exception e)
{
textBoxErr.Text = e.Message.ToString();
}
For some users, will produce the error :
The specified directory service attribute or value does not exist.
and for some users, the even stranger :
Logon failure: unknown user name or bad password.
Even though the users' account is enabled and working fine for everything
else.
The users are members of the same groups, so I can't see why the error would
be different.
What are minimum security requirements I need to set on the OU to allow
users to list all the users?
What are minimum security requirements I need to set on the OU to allow some
users to update the user details?
Bookmarks