Ok, as a test I also created an ActiveX control and set it to use the
getObject method. The control was put in a container under services, and set
to run under the administrator account. It also worked. So this mainly has
to deal with how IIS handles and passes authentiacation requests, no?
There must be some way to have the credentials passed in IIS without having
to resort to OpenDSObject. But now I may be going OT for this...
-----Original Message-----
From: Stephens, Brendan
To: '[EMAIL PROTECTED] '
Sent: 1/24/2003 10:22 AM
Subject: RE: Child Domain Programming.
GOT IT. Sort Of...
It IS an authentication problem, of sorts....
Even though the anonymous script access was running as Administrator,
using: getObject("LDAP://DC=Child,DC=Domain,DC=COM";), only returned
domainDNS with no child objects.
However, using OpenDSObject Worked like a charm:
OpenDSObject( _
"LDAP://DC=Child,DC=Domain,DC=COM";, _
"CN=Admin,CN=Users,DC=Domain,DC=COM", _
"Admin Password", 0 )
First, I understand that this must be a credential thing, but why is
this so? Is it because when the request is passed to the child domain it
still goes as anonymous request? And using OpenDSObject passes the
correct credentials?
Second, there has to be an alternative here... What if we changed the
password for the Administrative Account? We would have to plow through
every page of script and change the code. And that's just not right...
This is like taking apart a toaster... ;)
List info : http://www.activedir.org/mail_list.htm
List FAQ : http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
