Geeks With Blogs
Welcome to Geeks with Blogs
Michael Freidgeim
Personal Website / Bio
587 Posts | 965 Comments
News My Blog has been MOVED to https://mfreidge.wordpress.com
Post Categories
Archives
Michael Freidgeim's OLD Blog My Blog has been MOVED to https://mfreidge.wordpress.com
<< "Visual Studio 2005 is very slow" -some tips for ASP.NET projects | Home | Print UserAccountControl AD property programmatically. >>
To run WebDav queries against Exchange Folders from ASP.NET -use Kerberos .

I am using WebDav query to search e-mails and public folders from Exchange Server 2003. The code is based on the Visual Basic .NET sample  http://msdn.microsoft.com/library/default.asp?url=/library/en-us/e2k3/e2k3/_exch2k_searching_folders_http.asp

However when I started to test the code with impersonation, I ve got a problem.The scenario was the following

I am using client on workstation running IE6 that login to ASP.NET web server using Windows Authentication with impersonation. The server ASP.NET page uses WebDav to access Exchange Server 2003.

The WebDav request failed with "The remote server returned an error: (401) Unauthorized".

If the client is running IE browser on the Web Server , WebDav queries are succeded.
I've changed Web Server to "trust this computer to delegate", but the error was the same.

The solution is to use "Negotiate" (or "Kerberos") instead of NTLM when calling MyCredentialCache.Add

CredentialCache cache =new CredentialCache();

NetworkCredential credential1 = (NetworkCredential) CredentialCache.DefaultCredentials;

// from http://blogs.msdn.com/buckh/archive/2004/07/28/199706.aspx

// Depending upon the IIS configuration, that may be negotiate, NTLM, Kerberos, basic, or digest authentication

//Negotiates with the client to determine the authentication scheme. If both client and server support Kerberos, it is used; otherwise NTLM is used.

string authType ="Negotiate";//The authentication scheme used by the resource named in uriPrefix.

// if Kerberos is unavailable, it can be 15sec delay (from http://blogs.msdn.com/buckh/archive/2004/07/28/199706.aspx#217098)

cache.Add(new Uri(strRootURI), authType, credential1);

It also important to ensure that both Web Server and impersonated user account are "Trusted for deilegation" (see ASP.NET and Exchange tips and samples and How To: Implement Kerberos Delegation for Windows 2000)

Related post: Configure Exchange Server 2003 for WebDav queries.

Posted on Tuesday, September 27, 2005 11:49 AM ASP.NET | Back to top

Related Posts on Geeks With Blogs Matching Categories

Comments on this post: To run WebDav queries against Exchange Folders from ASP.NET -use Kerberos .

# re: To run WebDav queries against Exchange Folders from ASP.NET -use Kerberos .
Requesting Gravatar...
Since NTLM would not work anyway, why not use "Kerberos" as the auth mode in the first place?

I should guess, though, that Basic will work? After all, this includes the password in clear text, so it is forwardable without any problems.
Left by Kiki on Apr 12, 2006 5:34 PM
# re: To run WebDav queries against Exchange Folders from ASP.NET -use Kerberos .
Requesting Gravatar...
If forgot to mention: if you want to use Basic (or Digest) you cannot use DefaultCredentials but you will have to create a NetworkCredentials object.
Left by Kiki on Apr 12, 2006 5:35 PM
# re: To run WebDav queries against Exchange Folders from ASP.NET -use Kerberos .
Requesting Gravatar...
Woohoo! Thanks!
The link above to thespoke.net with this gem - "The next error was:The remote server returned an error: (401) Unauthorized.
Even i had changed Exchange virtual directory settings to enable Integrated Windows authentication accordong to
MS KB 817379 before, it was disabled and I had to re-enable it again." has finally got me around the 401 Authentication problems I've been having. Awesome!!!
Left by hippy on Sep 02, 2008 12:11 AM
# re: To run WebDav queries against Exchange Folders from ASP.NET -use Kerberos .
Requesting Gravatar...
cool. thanks a lot for this.

Regards, PKRao

Left by PKRao on Oct 20, 2008 7:58 AM
# re: To run WebDav queries against Exchange Folders from ASP.NET -use Kerberos .
Requesting Gravatar...
Hi,
I am using basic authentication by passing network credentials and still get the 401-unauthorized error. What could be the problem?
Left by Dheepa on Jul 28, 2009 1:42 PM
# re: To run WebDav queries against Exchange Folders from ASP.NET -use Kerberos .
Requesting Gravatar...
thanks DefaultCredentials but you will have to create a NetworkCredentials object.
Left by web tasarım on Feb 26, 2011 4:04 PM
# re: To run WebDav queries against Exchange Folders from ASP.NET -use Kerberos .
Requesting Gravatar...
This doesn't work.
Left by WebDav sucks on May 23, 2011 4:45 PM
# re: To run WebDav queries against Exchange Folders from ASP.NET -use Kerberos .
Requesting Gravatar...
thanks...
Left by web tasarım on Jun 21, 2011 8:23 AM
# re: To run WebDav queries against Exchange Folders from ASP.NET -use Kerberos .
Requesting Gravatar...
Very good I would recommend to anyone sharing Thanks for sharing.
Left by web tasarım on Jul 02, 2011 6:32 AM
Your comment:
 (will show your gravatar)

Copyright © Michael Freidgeim | Powered by: GeeksWithBlogs.net


Geeks With Blogs Content Categories ASP.Net SQL Server Apple Google SharePoint Windows Visual Studio Team Foundation Server Agile Office Design Patterns Web Azure
Brand New Posts on Geeks with Blogs 0