Click here to Skip to main content
12,398,225 members (54,176 online)
Rate this:
 
Please Sign up or sign in to vote.
See more: IIS6 .NET IIS SOAP
I have a web service application that accepts soap calls to add/remove members to local groups on servers. The application works if called from a windows client but the application fails when called from a unix client. I am using impersonation on the .net with a service account that has full admin rights on the end clients we are trying to modify.

From the unix client it dies on the objLocalGroup = GetObject(WinNT:// line

I am assuming it is some sort of .net setting for authentication. If anyone has any ideas where i should look or better ideas how to write the function it would be appreciated.

I have a custom application pool running as the service account. The website application is configured to use the application pool id.

  <WebMethod()> _
Function RemoveFromGroup(ByVal target_group As String,
                    ByVal domain As String,
                    ByVal account As String,
                    ByVal system As String) As Object
    '#############################
    'Function RemoveFromGroup
    'Variables
    'system Target server
    'domain of Group / User being added
    'account (Name of Group or User)
    'target_group group we are modifying membership
    'Returns
    'STATUS|domain:account|TIMESTAMP as a single string
    Dim AlreadyExists As Integer
    Dim action = "RemoveFromGroup"
    'Create an group object referencing the group on the target server
    objLocalGroup = GetObject("WinNT://" & system & "/" & target_group & ",group")
    If Err.Number = 0 Then
        'Check to see if the account already exists in the local Admin group
        For Each Group In objLocalGroup.Members
            If InStr(UCase(Group.ADSPath), UCase(domain & "/" & account)) <> 0 Then
                AlreadyExists = True
            End If
        Next
        'Add the specified account to the local target group if it doesn't already exist
        If AlreadyExists = True Then
            objLocalGroup.Remove("WinNT://" & domain & "/" & account)
            If Err.Number = 0 Then
                RemoveAccountFromLocalGroup = 0
            Else
                RemoveAccountFromLocalGroup = 1
                Err.Clear()
            End If
        Else
            RemoveAccountFromLocalGroup = 2
        End If
    Else
        RemoveAccountFromLocalGroup = 3
        retmsg = "FAILED-cannot connect to server|" & action & "|" & domain & ":" & account & "|" & Date.Now & "|group-" & target_group
        Err.Clear()
    End If
    If RemoveAccountFromLocalGroup = 0 Then
        retmsg = "SUCCESS|" & action & "|" & domain & ":" & account & "|" & Date.Now & "|group-" & target_group
    ElseIf RemoveAccountFromLocalGroup = 1 Then
        retmsg = "FAILED|" & action & "|" & domain & ":" & account & "|" & Date.Now & "|group-" & target_group
    ElseIf RemoveAccountFromLocalGroup = 2 Then
        retmsg = "SUCCESS-NA|" & action & "|" & domain & ":" & account & "|" & Date.Now & "|group-" & target_group
    End If
    'clear variables to prevent memory leaks
    strDomainUser = Nothing
    objDomainUser = Nothing
    objLocalGroup = Nothing
    AlreadyExists = Nothing
    RemoveAccountFromLocalGroup = Nothing
    action = Nothing
    Return retmsg
End Function
Posted 24-Mar-11 5:11am
Updated 24-Mar-11 5:38am
Henry Minute225.2K
v2

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month


Advertise | Privacy | Mobile
Web02 | 2.8.160721.1 | Last Updated 24 Mar 2011
Copyright © CodeProject, 1999-2016
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100