Posts Tagged AD

Request for the permission of type ‘System.DirectoryServices.DirectoryServicesPermission, System.DirectoryServices, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a’ failed – InfoPath 2007 forms Security Levels

When I was trying to display user information from Active Directory(AD) in an InfoPath form, I have got an error message saying that I don’t have permissions to access the Directory services. 😦

Details of the error message:

Text format of the error:

System.Security.SecurityException
 Request for the permission of type 'System.DirectoryServices.DirectoryServicesPermission, System.DirectoryServices, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a' failed.
at Template2.FormCode.GetOU(String username)
at Template2.FormCode.CTRL1_5_Clicked(Object sender, ClickedEventArgs e)
at Microsoft.Office.InfoPath.Internal.ButtonEventHost.OnButtonClick(DocActionEvent pEvent)
at Microsoft.Office.Interop.InfoPath.SemiTrust._ButtonEventSink_SinkHelper.OnClick(DocActionEvent pEvent)

I have faced this kind of security level errors while creating a web parts using Active Directory(AD) and you can read this in my previous post.

Basically InfoPath provides three security levels for forms, they are:

  • Restricted
  • Domain
  • Full Trust

The security levels determine whether a form can access data on other domains, or access files and settings on a user’s computer. If you need more info about this, just click here.

When we design/create an InfoPath form, the minimum trust level will be assigned in-default and which is not enough to access the Directory Services. So we need to change the trust level to access the information.  These are the simple steps to change the Trust Levels in InfoPath,

Step 1: Open the Form template in Design Mode

Step 2: Click the Form Options on the Tools menu

Step 3: You will be getting the following window and the security levels automatically determined

Step 4: Unchecked the check box, give the permissions to ‘Full Trust’ and then click OK

That’s all, you can access the Directory Services programmatically and display in your InfoPath form.  Sometimes you will be getting another error after fixing this (probably after publishing to SharePoint), to solve this problem we just need to specify the digitally signed certificate for this form. Check out the error message here.

Thanks. R./

Advertisements

, , , , , , ,

2 Comments

How to get the current user’s OU (Organizational Unit) from AD (Active Directory) – C#

There are so many ways to get the user details form AD (Active directory), but I wanted to get the current user’s OU (Organizational Unit) from Active directory. There is no any direct method to get the OU (Actually I could not find anything on the web, if anyone get an easy way to find-out please let me know). I am currently developing a Custom Search for SharePoint 2007 and according to the OU, I want to display the search results.

Here is the method I have created and most of the comments I have put in the code itself. I used Asp.net and C#.

public string GetOU(string username)
 {
 string result = string.Empty;
 using (HostingEnvironment.Impersonate())
 {
 //Getting the domain
 PrincipalContext yourDomain = new PrincipalContext(ContextType.Domain);

//Finding the user
 UserPrincipal user = UserPrincipal.FindByIdentity(yourDomain, username);

//If the user found
 if (user != null)
 {
 // Getting the DirectoryEntry
 DirectoryEntry directoryEntry = (user.GetUnderlyingObject() as DirectoryEntry);
 //if the directoryEntry is not null
 if (directoryEntry != null)
 {
 //Getting the directoryEntry's path and spliting with the "," character
 string[] directoryEntryPath = directoryEntry.Path.Split(',');
 //Getting the each items of the array and spliting again with the "=" character
 foreach (var splitedPath in directoryEntryPath)
 {
 string[] eleiments = splitedPath.Split('=');
 //If the 1st element of the array is "OU" string then get the 2dn element
 if (eleiments[0].Trim() == "OU")
 {
 result = username + "-" + eleiments[1].Trim();
 break;
 }
 }
 }
 }
 }
 return result;
 }

Please don’t forget to add the following references:

using System.Collections;
using System.DirectoryServices.AccountManagement;
using System.DirectoryServices;
using System.Security.Principal;

If you want to get the current user’s OU then you can call this method in the Page_Load event.

protected void Page_Load(object sender, EventArgs e)
{
string userName = Context.User.Identity.Name;
LabelOU.Text = GetOU(userName);
}

You will get the output like this:

Domain-Name\RajanihanthV
OU-Name
I hope this small C# code will be helping someone! Thanks R./

References:

1. http://stackoverflow.com/questions/637486/how-to-get-the-current-users-active-directory-details-in-c-sharp

2. http://stackoverflow.com/questions/5309988/how-to-get-the-groups-of-a-user-in-active-directory-c-asp-net

, , , , , , , , , , , ,

7 Comments