Hi all,
 
Got a strange behaviour with a piece of code which is creating user
accounts on the Active Directory.
 
The code looks like this:
 
    public bool CreateUser(string userId, string lookupDomain, ContactEntity contact)
    {
        string path = string.Format("{0}://{1}", PROVIDER_LDAP, lookupDomain);

        // the Impersonate class wraps around "advapi32.dll"
        // to get the impersonation token
        Impersonate im = new Impersonate();

        bool score = true;

        Hashtable hash = GetUsers(lookupDomain);

        int counter = 0;
        string originalId = userId;

        // append a numeric suffix until the id is unused; the counter must
        // advance on every pass or the loop never ends on a collision
        while (hash.Contains(userId))
            userId = originalId + (counter++).ToString();

        try
        {
            DirectoryEntry de = new DirectoryEntry(path, AD_ACCOUNT,
                AD_ACCOUNT_PASSWORD, AuthenticationTypes.Secure);

            im.ImpersonateUser(User.DOMAIN, AD_ACCOUNT, AD_ACCOUNT_PASSWORD, true);

            DirectoryEntry user = de.Children.Add("CN=" + userId, "user");

            user.Properties["sAMAccountName"].Value = userId;

            user.Properties["userAccountControl"].Value =
                ActiveDs.ADS_USER_FLAG.ADS_UF_NORMAL_ACCOUNT
                | ActiveDs.ADS_USER_FLAG.ADS_UF_PASSWD_NOTREQD
                | ActiveDs.ADS_USER_FLAG.ADS_UF_DONT_EXPIRE_PASSWD;

            // the account has to exist in the directory before SetPassword is invoked
            user.CommitChanges();
            user.Invoke("SetPassword", new object[] { DEFAULT_AD_PASSWORD });

            hash.Add(userId, userId);

            UpdateUsers(lookupDomain, hash);
        }
        catch (Exception ex)
        {
            // the exception details are discarded; only the failure is reported
            ex.GetHashCode();
            score = false;
        }
        finally
        {
            // always revert to the original security context
            im.UndoImpersonation();
        }

        return score;
    }
 

Using this piece of code in a Windows Forms application works fine.
But when using it in an ASP.NET application it fails.

The error message is: 

Logon failure: unknown user name or bad password

This is strange to me because with the same credentials I am able to get
all the domain user accounts (within the ASP.NET application).

So, I am currently running out of ideas...

Any suggestions?




Met vriendelijke groet / With kind regards,

Dimitrios Toulakis

Postbus 1010
3600 BA Maarssen/Amsterdam
The Netherlands

Tel : +31(0) 346 583300
Fax: +31(0) 346 583399
URL: http://www.resourcesconnection.nl
E-mail disclaimer: http://www.resourcesconnection.nl/e-maildisclaimer

===================================
This list is hosted by DevelopMentor®  http://www.develop.com
