Click here to Skip to main content
11,702,396 members (68,306 online)
Rate this: bad
good
Please Sign up or sign in to vote.
See more: IIS6 .NET SOAP
I have a web service application that accepts soap calls to add/remove members to local groups on servers. The application works if called from a windows client but the application fails when called from a unix client. I am using impersonation on the .net with a service account that has full admin rights on the end clients we are trying to modify.

From the unix client it dies on the objLocalGroup = GetObject(WinNT:// line

I am assuming it is some sort of .net setting for authentication. If anyone has any ideas where i should look or better ideas how to write the function it would be appreciated.

I have a custom application pool running as the service account. The website application is configured to use the application pool id.

  <WebMethod()> _
Function RemoveFromGroup(ByVal target_group As String,
                    ByVal domain As String,
                    ByVal account As String,
                    ByVal system As String) As Object
    '#############################
    'Function RemoveFromGroup
    'Variables
    'system Target server
    'domain of Group / User being added
    'account (Name of Group or User)
    'target_group group we are modifying membership
    'Returns
    'STATUS|domain:account|TIMESTAMP as a single string
    Dim AlreadyExists As Integer
    Dim action = "RemoveFromGroup"
    'Create an group object referencing the group on the target server
    objLocalGroup = GetObject("WinNT://" & system & "/" & target_group & ",group")
    If Err.Number = 0 Then
        'Check to see if the account already exists in the local Admin group
        For Each Group In objLocalGroup.Members
            If InStr(UCase(Group.ADSPath), UCase(domain & "/" & account)) <> 0 Then
                AlreadyExists = True
            End If
        Next
        'Add the specified account to the local target group if it doesn't already exist
        If AlreadyExists = True Then
            objLocalGroup.Remove("WinNT://" & domain & "/" & account)
            If Err.Number = 0 Then
                RemoveAccountFromLocalGroup = 0
            Else
                RemoveAccountFromLocalGroup = 1
                Err.Clear()
            End If
        Else
            RemoveAccountFromLocalGroup = 2
        End If
    Else
        RemoveAccountFromLocalGroup = 3
        retmsg = "FAILED-cannot connect to server|" & action & "|" & domain & ":" & account & "|" & Date.Now & "|group-" & target_group
        Err.Clear()
    End If
    If RemoveAccountFromLocalGroup = 0 Then
        retmsg = "SUCCESS|" & action & "|" & domain & ":" & account & "|" & Date.Now & "|group-" & target_group
    ElseIf RemoveAccountFromLocalGroup = 1 Then
        retmsg = "FAILED|" & action & "|" & domain & ":" & account & "|" & Date.Now & "|group-" & target_group
    ElseIf RemoveAccountFromLocalGroup = 2 Then
        retmsg = "SUCCESS-NA|" & action & "|" & domain & ":" & account & "|" & Date.Now & "|group-" & target_group
    End If
    'clear variables to prevent memory leaks
    strDomainUser = Nothing
    objDomainUser = Nothing
    objLocalGroup = Nothing
    AlreadyExists = Nothing
    RemoveAccountFromLocalGroup = Nothing
    action = Nothing
    Return retmsg
End Function
Posted 24-Mar-11 5:11am
Edited 24-Mar-11 5:38am
(no name)224.6K
v2

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
0 Maciej Los 515
1 Sergey Alexandrovich Kryukov 355
2 OriginalGriff 299
3 CHill60 145
4 Mika Wendelius 115
0 OriginalGriff 8,369
1 Sergey Alexandrovich Kryukov 7,547
2 CPallini 4,922
3 Maciej Los 4,411
4 Mika Wendelius 3,556


Advertise | Privacy | Mobile
Web04 | 2.8.150819.1 | Last Updated 24 Mar 2011
Copyright © CodeProject, 1999-2015
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100