ADSI/ASP: How to pass distinguishedName as hidden form field?

[FOLLOW-UPS TO microsoft.public.scripting.vbscript]

Hi All,

I'm running into issues with passing the distinguishedName of a user as a
hidden form field in a form from one page to the result page.

Page 1: User enters user name in a form field

Page 2: Queries AD, gets distinguishedName, binds to the user.
Need to add more info to the user if attributes not present.
Relevant portion of FORM:

Response.Write("<B>ID: " & objUser.ID & "<Font color='Red'>not entered!
</font></B>" & _
"<FORM NAME='Form_Addid' ACTION='addid.asp' METHOD='post'>" & _
"<INPUT TYPE='text' NAME='inputId' SIZE=5 MAXLENGTH=6><br>" & _
"<INPUT TYPE='hidden' NAME='Username' value=" & objUser.sAMAccountName &
">" & _
"<INPUT TYPE='hidden' NAME='UserDN' value=" & objUser.distinguishedName &
">" & _
"<INPUT TYPE='submit' NAME='Submit_id' value='Add ID'></FORM>")

Page 3: Process form from prevoius page, populate attributes for the same
user.
Relevant portions of ASP code to get user's details from previous page.

<%
strUsername=Request.Form("Username")
strUserDN = Request.Form("UserDN")
Response.Write("Username: " & strUsername)
Response.Write("Distinguished Name" " & strUserDN)
%>

Questions:
i) Can the user bind on Page 2 be carried over to page 3 so there's no need
to search and bind to the user again?
ii) If not, can the distinguishedName be passed on to Page 3 (like I'm
trying to do) to eliminate the search portion and simply bind to the
distinguishedName?

When I try to pass the distinguishedName to Page 3 as a hidden form field,
and display the field using Response.Write - I only get a partial
distinguishedName - just the CN portion.
sAMAccountName seems to be passing without any issues (but then I'd need to
search and bind again based on that).

Thanks,
Bharat Suneja

Deji
Fri Sep 10 11:40:34 CDT 2004

Store the value in a session variable.

Session("strUserDN") = Request.Form("UserDN")

Then on the page where you want to use the value:
strUserDN = Session("strUserDN")

--
Sincerely,

Dèjì Akómöláfé, MCSE MCSA MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worried about
Yesterday? -anon
"Bharat Suneja" <bharat@nospam.com> wrote in message
news:#KBAxy0lEHA.3712@TK2MSFTNGP15.phx.gbl...
> [FOLLOW-UPS TO microsoft.public.scripting.vbscript]
>
> Hi All,
>
> I'm running into issues with passing the distinguishedName of a user as a
> hidden form field in a form from one page to the result page.
>
> Page 1: User enters user name in a form field
>
> Page 2: Queries AD, gets distinguishedName, binds to the user.
> Need to add more info to the user if attributes not present.
> Relevant portion of FORM:
>
> Response.Write("<B>ID: " & objUser.ID & "<Font color='Red'>not entered!
> </font></B>" & _
> "<FORM NAME='Form_Addid' ACTION='addid.asp' METHOD='post'>" & _
> "<INPUT TYPE='text' NAME='inputId' SIZE=5 MAXLENGTH=6><br>" & _
> "<INPUT TYPE='hidden' NAME='Username' value=" & objUser.sAMAccountName
&
> ">" & _
> "<INPUT TYPE='hidden' NAME='UserDN' value=" & objUser.distinguishedName
&
> ">" & _
> "<INPUT TYPE='submit' NAME='Submit_id' value='Add ID'></FORM>")
>
> Page 3: Process form from prevoius page, populate attributes for the same
> user.
> Relevant portions of ASP code to get user's details from previous page.
>
> <%
> strUsername=Request.Form("Username")
> strUserDN = Request.Form("UserDN")
> Response.Write("Username: " & strUsername)
> Response.Write("Distinguished Name" " & strUserDN)
> %>
>
> Questions:
> i) Can the user bind on Page 2 be carried over to page 3 so there's no
need
> to search and bind to the user again?
> ii) If not, can the distinguishedName be passed on to Page 3 (like I'm
> trying to do) to eliminate the search portion and simply bind to the
> distinguishedName?
>
> When I try to pass the distinguishedName to Page 3 as a hidden form field,
> and display the field using Response.Write - I only get a partial
> distinguishedName - just the CN portion.
> sAMAccountName seems to be passing without any issues (but then I'd need
to
> search and bind again based on that).
>
> Thanks,
> Bharat Suneja
>
>

Bharat
Fri Sep 10 14:04:46 CDT 2004

Thanks much - that worked!

Bharat Suneja


"Deji Akomolafe" <noemail@akomolafe.com> wrote in message
news:ePx$nT1lEHA.1652@TK2MSFTNGP09.phx.gbl...
> Store the value in a session variable.
>
> Session("strUserDN") = Request.Form("UserDN")
>
> Then on the page where you want to use the value:
> strUserDN = Session("strUserDN")
>
> --
> Sincerely,
>
> Dèjì Akómöláfé, MCSE MCSA MCP+I
> Microsoft MVP - Directory Services
> www.readymaids.com - we know IT
> www.akomolafe.com
> Do you now realize that Today is the Tomorrow you were worried about
> Yesterday? -anon
> "Bharat Suneja" <bharat@nospam.com> wrote in message
> news:#KBAxy0lEHA.3712@TK2MSFTNGP15.phx.gbl...
> > [FOLLOW-UPS TO microsoft.public.scripting.vbscript]
> >
> > Hi All,
> >
> > I'm running into issues with passing the distinguishedName of a user as
a
> > hidden form field in a form from one page to the result page.
> >
> > Page 1: User enters user name in a form field
> >
> > Page 2: Queries AD, gets distinguishedName, binds to the user.
> > Need to add more info to the user if attributes not present.
> > Relevant portion of FORM:
> >
> > Response.Write("<B>ID: " & objUser.ID & "<Font color='Red'>not
entered!
> > </font></B>" & _
> > "<FORM NAME='Form_Addid' ACTION='addid.asp' METHOD='post'>" & _
> > "<INPUT TYPE='text' NAME='inputId' SIZE=5 MAXLENGTH=6><br>" & _
> > "<INPUT TYPE='hidden' NAME='Username' value=" &
objUser.sAMAccountName
> &
> > ">" & _
> > "<INPUT TYPE='hidden' NAME='UserDN' value=" &
objUser.distinguishedName
> &
> > ">" & _
> > "<INPUT TYPE='submit' NAME='Submit_id' value='Add ID'></FORM>")
> >
> > Page 3: Process form from prevoius page, populate attributes for the
same
> > user.
> > Relevant portions of ASP code to get user's details from previous page.
> >
> > <%
> > strUsername=Request.Form("Username")
> > strUserDN = Request.Form("UserDN")
> > Response.Write("Username: " & strUsername)
> > Response.Write("Distinguished Name" " & strUserDN)
> > %>
> >
> > Questions:
> > i) Can the user bind on Page 2 be carried over to page 3 so there's no
> need
> > to search and bind to the user again?
> > ii) If not, can the distinguishedName be passed on to Page 3 (like I'm
> > trying to do) to eliminate the search portion and simply bind to the
> > distinguishedName?
> >
> > When I try to pass the distinguishedName to Page 3 as a hidden form
field,
> > and display the field using Response.Write - I only get a partial
> > distinguishedName - just the CN portion.
> > sAMAccountName seems to be passing without any issues (but then I'd need
> to
> > search and bind again based on that).
> >
> > Thanks,
> > Bharat Suneja
> >
> >
>
>

Joe
Sat Sep 11 09:27:41 CDT 2004

These aren't really AD questions, they are IIS questions. You might have better
luck posting there.

However, I seem to recall with IIS you can store some on server session info.
You might be able to put a copy of the bind variable into that store and
retrieve it. I have done that previously in the global store for ADO connections
I believe.

As for why the full DN isn't coming across, have you looked at the actual HTML
that is generated, it is probably an issue in there.

joe

--
Joe Richards Microsoft MVP Windows Server Directory Services
www.joeware.net



Bharat Suneja wrote:
> [FOLLOW-UPS TO microsoft.public.scripting.vbscript]
>
> Hi All,
>
> I'm running into issues with passing the distinguishedName of a user as a
> hidden form field in a form from one page to the result page.
>
> Page 1: User enters user name in a form field
>
> Page 2: Queries AD, gets distinguishedName, binds to the user.
> Need to add more info to the user if attributes not present.
> Relevant portion of FORM:
>
> Response.Write("<B>ID: " & objUser.ID & "<Font color='Red'>not entered!
> </font></B>" & _
> "<FORM NAME='Form_Addid' ACTION='addid.asp' METHOD='post'>" & _
> "<INPUT TYPE='text' NAME='inputId' SIZE=5 MAXLENGTH=6><br>" & _
> "<INPUT TYPE='hidden' NAME='Username' value=" & objUser.sAMAccountName &
> ">" & _
> "<INPUT TYPE='hidden' NAME='UserDN' value=" & objUser.distinguishedName &
> ">" & _
> "<INPUT TYPE='submit' NAME='Submit_id' value='Add ID'></FORM>")
>
> Page 3: Process form from prevoius page, populate attributes for the same
> user.
> Relevant portions of ASP code to get user's details from previous page.
>
> <%
> strUsername=Request.Form("Username")
> strUserDN = Request.Form("UserDN")
> Response.Write("Username: " & strUsername)
> Response.Write("Distinguished Name" " & strUserDN)
> %>
>
> Questions:
> i) Can the user bind on Page 2 be carried over to page 3 so there's no need
> to search and bind to the user again?
> ii) If not, can the distinguishedName be passed on to Page 3 (like I'm
> trying to do) to eliminate the search portion and simply bind to the
> distinguishedName?
>
> When I try to pass the distinguishedName to Page 3 as a hidden form field,
> and display the field using Response.Write - I only get a partial
> distinguishedName - just the CN portion.
> sAMAccountName seems to be passing without any issues (but then I'd need to
> search and bind again based on that).
>
> Thanks,
> Bharat Suneja
>
>

Bob
Sat Sep 11 09:43:25 CDT 2004

Joe Richards [MVP] wrote:
> However, I seem to recall with IIS you can store some on server
> session info. You might be able to put a copy of the bind variable
> into that store and retrieve it. I have done that previously in the
> global store for ADO connections I believe.
>
You might find this of interest:
http://www.aspfaq.com/show.asp?id=2053

Bob Barrows
--
Microsoft MVP - ASP/ASP.NET
Please reply to the newsgroup. This email account is my spam trap so I
don't check it very often. If you must reply off-line, then remove the
"NO SPAM"

Bharat
Sun Sep 12 16:52:59 CDT 2004

Thanks for pointing this out... that's a good link. Now I need to look for
an alternative to the session variable... or possibly figure out why it
won't be passed in a hidden field. :)

Bharat Suneja

"Bob Barrows [MVP]" <reb01501@NOyahoo.SPAMcom> wrote in message
news:%231Hi02AmEHA.3496@TK2MSFTNGP12.phx.gbl...
> Joe Richards [MVP] wrote:
> > However, I seem to recall with IIS you can store some on server
> > session info. You might be able to put a copy of the bind variable
> > into that store and retrieve it. I have done that previously in the
> > global store for ADO connections I believe.
> >
> You might find this of interest:
> http://www.aspfaq.com/show.asp?id=2053
>
> Bob Barrows
> --
> Microsoft MVP - ASP/ASP.NET
> Please reply to the newsgroup. This email account is my spam trap so I
> don't check it very often. If you must reply off-line, then remove the
> "NO SPAM"
>
>

Bob
Sun Sep 12 17:09:16 CDT 2004

I think you missed the point. The article advised against storing _objects_
in session. The only reason I posted it was in reaction to the advice about
storing ADO connections in session, which is not a good idea.

There is no reason to avoid session for scalar variables (except for the
possibility that some users will reject session cookies).

Bob Barrows

Bharat Suneja wrote:
> Thanks for pointing this out... that's a good link. Now I need to
> look for an alternative to the session variable... or possibly figure
> out why it won't be passed in a hidden field. :)
>
> Bharat Suneja
>
> "Bob Barrows [MVP]" <reb01501@NOyahoo.SPAMcom> wrote in message
> news:%231Hi02AmEHA.3496@TK2MSFTNGP12.phx.gbl...
>> Joe Richards [MVP] wrote:
>>> However, I seem to recall with IIS you can store some on server
>>> session info. You might be able to put a copy of the bind variable
>>> into that store and retrieve it. I have done that previously in the
>>> global store for ADO connections I believe.
>>>
>> You might find this of interest:
>> http://www.aspfaq.com/show.asp?id=2053
>>


--
Microsoft MVP - ASP/ASP.NET
Please reply to the newsgroup. This email account is my spam trap so I
don't check it very often. If you must reply off-line, then remove the
"NO SPAM"

Bob
Mon Sep 13 10:11:37 CDT 2004

Bharat Suneja wrote:
> [FOLLOW-UPS TO microsoft.public.scripting.vbscript]
>
> "<INPUT TYPE='hidden' NAME='UserDN' value=" &
> objUser.distinguishedName & ">" & _
Steps for debugging this:
1. View the source for this page and make sure this element contains the
entire contents of objUser.distinguishedName.
2. Add this line to this page:
Response.Write objUser.distinguishedName
Make sure it writes the value correctly.

Let us know the result.

Bob Barrows

--
Microsoft MVP -- ASP/ASP.NET
Please reply to the newsgroup. The email account listed in my From
header is my spam trap, so I don't check it very often. You will get a
quicker response by posting to the newsgroup.

Bharat
Mon Sep 13 14:15:18 CDT 2004

Thanks for the feedback! On a second thought, I did decide to continue using
session variable because the app/site in question is only used by a small
number of admins - not much of a performance issue.

I'm still curious to find out why it won't show up as a hidden field - and
will investigate this further as you've outllined in the next post - I think
passing it on as a hidden form field would still be the preferable method.

Bharat

"Bob Barrows [MVP]" <reb01501@NOyahoo.SPAMcom> wrote in message
news:uK43kURmEHA.2020@TK2MSFTNGP09.phx.gbl...
> I think you missed the point. The article advised against storing
_objects_
> in session. The only reason I posted it was in reaction to the advice
about
> storing ADO connections in session, which is not a good idea.
>
> There is no reason to avoid session for scalar variables (except for the
> possibility that some users will reject session cookies).
>
> Bob Barrows
>
> Bharat Suneja wrote:
> > Thanks for pointing this out... that's a good link. Now I need to
> > look for an alternative to the session variable... or possibly figure
> > out why it won't be passed in a hidden field. :)
> >
> > Bharat Suneja
> >
> > "Bob Barrows [MVP]" <reb01501@NOyahoo.SPAMcom> wrote in message
> > news:%231Hi02AmEHA.3496@TK2MSFTNGP12.phx.gbl...
> >> Joe Richards [MVP] wrote:
> >>> However, I seem to recall with IIS you can store some on server
> >>> session info. You might be able to put a copy of the bind variable
> >>> into that store and retrieve it. I have done that previously in the
> >>> global store for ADO connections I believe.
> >>>
> >> You might find this of interest:
> >> http://www.aspfaq.com/show.asp?id=2053
> >>
>
>
> --
> Microsoft MVP - ASP/ASP.NET
> Please reply to the newsgroup. This email account is my spam trap so I
> don't check it very often. If you must reply off-line, then remove the
> "NO SPAM"
>
>

Bob
Mon Sep 13 14:26:05 CDT 2004

Bob Barrows [MVP] wrote:
> Bharat Suneja wrote:
>> [FOLLOW-UPS TO microsoft.public.scripting.vbscript]
>>
>> "<INPUT TYPE='hidden' NAME='UserDN' value=" &
>> objUser.distinguishedName & ">" & _

I just looked again, and realized that the issue may be related to the lack
of delimiters around the name. Try this:

"<INPUT TYPE='hidden' NAME='UserDN' value='" &
objUser.distinguishedName & "'>" & _

Bob Barrows
--
Microsoft MVP -- ASP/ASP.NET
Please reply to the newsgroup. The email account listed in my From
header is my spam trap, so I don't check it very often. You will get a
quicker response by posting to the newsgroup.

Jan
Wed Sep 22 10:35:09 CDT 2004

Hi Bharat,

1) You may be able to store the binded user object in a session or
application variable on page 2, and then read it on page 3. MS recomends not
to use this method with DB objects, but initializing the object(s) on each
page instead. Whether this is the same for ADSI objects I don't know.

2) Sure you can. On page 2, instead of "objUser.distinguishedName" try
"Server.URLEncode(objUser.distinguishedName)". I think the problem is caused
by "," in the DN. If this does not work, try HtmlEncode.
Instead of passing the DN, you could also pass the GUID. The GUID will never
change (I guess), the DN can change. Use the following string to bind using
a guid: LDAP://<GUID=xxxxxx>


Kind regards,
Jan Nielsen

Kody
Wed Oct 06 11:32:37 CDT 2004

You can store objects in your session, but this is generally frowned upon
due to side-effects (slow, more server memory usage, etc.).

--
-Kody
kody at weekendtech dot net
"Custom ASP.Net Web Controls"



"Bharat Suneja" <bharat@nospam.com> wrote in message
news:%23KBAxy0lEHA.3712@TK2MSFTNGP15.phx.gbl...
> [FOLLOW-UPS TO microsoft.public.scripting.vbscript]
>
> Hi All,
>
> I'm running into issues with passing the distinguishedName of a user as a
> hidden form field in a form from one page to the result page.
>
> Page 1: User enters user name in a form field
>
> Page 2: Queries AD, gets distinguishedName, binds to the user.
> Need to add more info to the user if attributes not present.
> Relevant portion of FORM:
>
> Response.Write("<B>ID: " & objUser.ID & "<Font color='Red'>not entered!
> </font></B>" & _
> "<FORM NAME='Form_Addid' ACTION='addid.asp' METHOD='post'>" & _
> "<INPUT TYPE='text' NAME='inputId' SIZE=5 MAXLENGTH=6><br>" & _
> "<INPUT TYPE='hidden' NAME='Username' value=" & objUser.sAMAccountName &
> ">" & _
> "<INPUT TYPE='hidden' NAME='UserDN' value=" & objUser.distinguishedName
> &
> ">" & _
> "<INPUT TYPE='submit' NAME='Submit_id' value='Add ID'></FORM>")
>
> Page 3: Process form from prevoius page, populate attributes for the same
> user.
> Relevant portions of ASP code to get user's details from previous page.
>
> <%
> strUsername=Request.Form("Username")
> strUserDN = Request.Form("UserDN")
> Response.Write("Username: " & strUsername)
> Response.Write("Distinguished Name" " & strUserDN)
> %>
>
> Questions:
> i) Can the user bind on Page 2 be carried over to page 3 so there's no
> need
> to search and bind to the user again?
> ii) If not, can the distinguishedName be passed on to Page 3 (like I'm
> trying to do) to eliminate the search portion and simply bind to the
> distinguishedName?
>
> When I try to pass the distinguishedName to Page 3 as a hidden form field,
> and display the field using Response.Write - I only get a partial
> distinguishedName - just the CN portion.
> sAMAccountName seems to be passing without any issues (but then I'd need
> to
> search and bind again based on that).
>
> Thanks,
> Bharat Suneja
>
>