Previous Next

• 07-03-2008, 1:45 PM

  ChrisRh Joined on 07-03-2008, 5:40 PM Posts 4

  reading Active Directory groups no longer works in IIS7 Reply Contact This classic ASP code worked in IIS 6, but not in IIS7.   It was a great way for me to check an authenticated username against an AD group membership list to give certain options on pages.  Does anyone have a suggestion for a replacement (other than hard-coding usernames)?     username_found_sw = "N"     Set oGroup = GetObject("WinNT://domain/its_staff")     For Each oMember in oGroup.Members      If Ucase(trim(oMember.Name)) = trim(Session("username")) Then      username_found_sw = "Y"      End If     Next     Set oGroup = Nothing

  Tags: ASP ClassicIIS 7AD

• 07-03-2008, 11:06 PM

  In reply to

  steve schofield Joined on 06-10-2002, 4:54 PM MI Posts 2,373

  Re: reading Active Directory groups no longer works in IIS7 Reply Contact That is more ADSI based which by default only runs under IUSR.  You would need to authenticate.  Also, try running your application pool in classic mode and ensure the IUSR, authenticated user or app pool has the appropriate permissions. Steve Schofield Windows Server MVP - IIS http://weblogs.asp.net/steveschofield http://www.IISLogs.com Log archival solution Install, Configure, Forget

• 07-07-2008, 7:52 AM

  In reply to

  ChrisRh Joined on 07-03-2008, 5:40 PM Posts 4	Re: reading Active Directory groups no longer works in IIS7 Reply Contact Thank you for the suggestions, but the folder only allows non-anonymous users (staff, faculty) and the defaultAppPool being used is already running in classic mode.   Any other suggestions would be most appreciated.

• 07-07-2008, 7:55 AM

  In reply to

  ChrisRh Joined on 07-03-2008, 5:40 PM Posts 4	Re: reading Active Directory groups no longer works in IIS7 Reply Contact I just had a thought.  I just finished upgrading both DCs to Win2008 too.  Could there be something there I need to change that worked by default in Win2003 (or was removed by the upgrade?).

• 07-08-2008, 11:47 PM

  In reply to

  steve schofield Joined on 06-10-2002, 4:54 PM MI Posts 2,373	Re: reading Active Directory groups no longer works in IIS7 Reply Contact I'm checking with a few folks on this thread.  It's an interesting one since AD is so popular. Steve Schofield Windows Server MVP - IIS http://weblogs.asp.net/steveschofield http://www.IISLogs.com Log archival solution Install, Configure, Forget

• 07-15-2008, 3:15 PM

  In reply to

  ChrisRh Joined on 07-03-2008, 5:40 PM Posts 4	Re: reading Active Directory groups no longer works in IIS7 Reply Contact Any luck (or should I open an MS Support Case)?

• 07-15-2008, 6:20 PM

  In reply to

  steve schofield Joined on 06-10-2002, 4:54 PM MI Posts 2,373	Re: reading Active Directory groups no longer works in IIS7 Reply Contact No update sorry.  If you can burn a pss case, that'll probably be your fastest route. Steve Schofield Windows Server MVP - IIS http://weblogs.asp.net/steveschofield http://www.IISLogs.com Log archival solution Install, Configure, Forget