LDAP + ASP Classic + ADODB = 2147217865.（使用LDAP與ASP Classic中的Active Directory對話錯誤：2147217865）

Question

我需要使用LDAP爲舊ASP網站的用戶進行身份驗證。

我一直在使用代碼here。

它看起來像這樣：

<%@ LANGUAGE=VBSCRIPT %> 
<%Option Explicit%> 

<% 
Function getADUserInfo(strUID) 
    on error resume next 
    strGeneralLookupError = false 
    strBase = "<LDAP://DC=[DOMAIN], DC=[DOMAIN EXETENTION]>" 
    strFilter = "(sAMAccountName=" & strUID & ")" 
    strAttributes = "cn, mail, company, givenName, sn, ADsPath, name, sAMAccountName, telephoneNumber" 
    'strAttributes = "cn, company, givenName, sn, ADsPath, name, sAMAccountName, telephoneNumber" 
    strScope = "subtree"  
    strFullCommand = strBase & ";" & strFilter & ";" & strAttributes & ";" & strScope 
    set rsADUserInfo = Server.CreateObject("ADODB.Recordset") 
    set rsADUserInfo = connAD.Execute(strFullCommand) 
    if err.number <> 0 then 
     strGeneralLookupError = true 
    end if 
    set getADUserInfo = rsADUserInfo 
    set rsADUserInfo = Nothing 
End Function 

Sub getUserData(p_strUserID) 
    on error resume next 
    set rsUserData = Server.CreateObject("ADODB.Recordset") 
    set rsUserData = getADUserInfo(p_strUserID) 
    if not rsUserData.EOF then 
     strUserGN = rsUserData("givenName") 
     strUserSN = rsUserData("sn") 
     strUserOU = rsUserData("company") 
     strUserEmail = rsUserData("mail") 
     strUserPhone = rsUserData("telephoneNumber") 
    else 
     strADLookupSuccess = false 
    end if 
    rsUserData.Close 
    set rsUserData = Nothing 
End Sub 

on error resume next 

response.expires = 0 

DIM connAD, rsUserData, rsADUserInfo 
DIM strUserGN, strUserSN, strUserOU, strUserEmail, strUserPhone 
DIM strBase, strFilter,strAttributes, strScope, strFullCommand 
DIM strGeneralLookupError, strADLookupSuccess 
DIM strUserID 

strUserGN = "The user can not be found in the system." 
strGeneralLookupError = false 
strADLookupSuccess = true 

set connAD = Server.CreateObject("ADODB.Connection") 
connAD.Provider = "ADsDSOObject" 
connAD.Properties("User ID") = "[DOMAIN]\[USERNAME]" ' ### remember to make sure this user has rights to access AD 
connAD.Properties("Password") = "[PASSWORD]" 
connAD.Properties("Encrypt Password") = true 
connAD.Open 

strUserID = "[USERNAME YOU WANT INFO FOR]" 
call getUserData(strUserID) 

connAD.Close 
set connAD = Nothing 
%> 
<html> 
<head> 
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252"> 
<title>ASP Code to access AD with LDAP Page</title> 
</head> 
<body> 
<%=strUserGN%>&nbsp; 
<%=strUserSN%><br /> 
<%=strUserOU%><br /> 
<%=strUserEmail%><br /> 
<%=strUserPhone%><br /> 
</body> 
</html> 

我可以使用C＃拉回來的信息，所以我不認爲這是導致問題的服務器。

所有我最終都是2147217865錯誤。

AD服務器是Windows Server 2003.

Web服務器是XP Pro上的IIS。

我試圖改變strFullCommand到：

Select cn From 'LDAP://SEVERPATH' where objectClass='user'" & " and objectcategory='person' 

沒有骰子那裏。有任何想法嗎？

Answer 1

我要做的第一件事就是去掉這些On Error Resume Next聲明。他們可能隱藏了許多你沒有看到正確報道的罪過。

Answer 2

這工作：

function AuthenticateUser(UserName, Password, Domain) 
dim strUser 
' assume failure 
AuthenticateUser = false 

strUser = UserName 
strPassword = Password 

strQuery = "SELECT cn FROM 'LDAP://" & Domain & "' WHERE objectClass='*' " 
set oConn = server.CreateObject("ADODB.Connection") 
oConn.Provider = "ADsDSOOBJECT" 
oConn.Properties("User ID") = strUser 
oConn.Properties("Password") = strPassword 
oConn.Properties("Encrypt Password") = true 
oConn.open "DS Query", strUser, strPassword 

set cmd = server.CreateObject("ADODB.Command") 
set cmd.ActiveConnection = oConn 
cmd.CommandText = strQuery 
on error resume next 
set oRS = cmd.Execute 
if oRS.bof or oRS.eof then 
    AuthenticateUser = false 
else 
    AuthenticateUser = true 
end if 
set oRS = nothing 
set oConn = nothing 

end function