0

I have a problem getting an IADsContainer object from ADsOpenObject() by using the WinNT provider from a service on a remote machine.

I've been able to get the code working in the following scenarios except number 4

  1. My application is deployed on the same machine to which it connects(localhost).
  2. My application is deployed as a Local Service on the same machine to which it connects(localhost).
  3. My application is deployed on a remote machine and it connects by providing an IP.
  4. My application is deployed on a remote machine as a Local Service and it connects by providing an IP.
#include <iostream>

#include <Adshlp.h>
#include <comdef.h>

IADsContainer* container = nullptr;
HRESULT hres = ADsOpenObject( L"WinNT://192.168.1.30", L"Administrator", L"someAdminPass", ADS_SECURE_AUTHENTICATION | ADS_READONLY_SERVER, IID_IADsContainer, (void**)&container );

if( SUCCEEDED(hres) )
{
    // do stuff with the container object
}
else
{
    _com_error err( hres );
    LPCTSTR errMsg = err.ErrorMessage();
    std::wcout << errMsg;
}

I expect hres to be S_OK and valid 'container' pointer but I only get E_FAIL with error string "Unspecified error"

The Storm
  • 71
  • 8
  • `S_FALSE` is a success code. How and where did you get the *"error string 'Unspecified error'"*? – IInspectable May 21 '19 at 22:35
  • 1
    Does the "myUser" contain the domain name, [ADsOpenObject](https://learn.microsoft.com/en-us/windows/desktop/api/adshlp/nf-adshlp-adsopenobject#parameters) says: **This string should always be in the format "/" to avoid ambiguity.** – Drake Wu May 22 '19 at 09:52
  • as @IInspectable says, `SUCCEEDED(S_FALSE )` = true. Provide the real error information, or real code. – Drake Wu May 22 '19 at 09:58
  • I'm sorry for the S_FALSE confusion. The value is E_FAIL, I did some wrong copy/paste... I've also updated the connection string to how exactly I use it. I don't specify username and it should not be needed, because I use the 'container' object to fetch different user's info. @DrakeWu-MSFT The error string is fetched as showed in the else case by using the _com_error object. – The Storm May 22 '19 at 14:34
  • I meant I don't specify username in the WinNT:// connection string. :) – The Storm May 22 '19 at 14:56
  • 1
    I meant the 2nd parameter of `ADsOpenObject`, and I cannot produce this issue on mine. – Drake Wu May 23 '19 at 10:21
  • @DrakeWu-MSFT Ah sorry. No it does not contain a domain name. I've edited the question with the exact parameters I use, except the password. – The Storm May 24 '19 at 12:38
  • I've just added a domain name to the user name as "Administrator@DOMAIN.com" and it worked!!! Thanks a lot @DrakeWu-MSFT! I don't know how I didn't came to that earlier. For the others reading the comment, beware that the "DOMAIN.COM" part is setup specific. I will now answer my own question. – The Storm May 24 '19 at 12:56

1 Answers1

0

The issue is resolved thanks to the guides in the comments from @DrakeWu-MSFT!

I just needed to specify a FQDN username. If your machine domain is "DOMAIN.COM' then the username string should be "UserName@DOMAIN.com". This solved the issue for me. Also big "thanks" to MS for such a descriptive error message... :)

The main code line now looks like this:

HRESULT hres = ADsOpenObject( L"WinNT://192.168.1.30", L"Administrator@MYDOMAIN.COM", L"someAdminPass", ADS_SECURE_AUTHENTICATION | ADS_READONLY_SERVER, IID_IADsContainer, (void**)&container );

P.S. Beware that there are other WinAPI functions that don't like FQDN username.

The Storm
  • 71
  • 8