I have an ASP app. setup using Windows Authentication that I can open from IE without being prompted for credentials, but when I try to open the same ASP app. from a VB Script I get a 401 - not authorized error.
How do I get the VB Script to open the app without supplying credentials?
VB Script:
Dim srvHTTP
set srvHTTP = CreateObject("MSXML2.ServerXMLHttp.3.0")
srvHTTP.open "GET", "http://myserver/sample.aspx", false
srvHTTP.send
WScript.Echo("Status: " & srvHTTP.status)
Try using the WinHttpRequest object instead. It allows you to specify the logon policy. The following example may work for you.
Const AutoLogonPolicy_Always = 0
Dim objWinHttp
Set objWinHttp = CreateObject("WinHttp.WinHttpRequest.5.1")
objWinHttp.SetAutoLogonPolicy AutoLogonPolicy_Always
objWinHttp.Open "GET", "http://myserver/sample.aspx", False
objWinHttp.Send
You may also need to configure your proxy to enable "keep alive" connections, since NTLM authentication requires a number of handshakes.
Related
I'm moving an old ASP application from a Windows Server 2012R2 to a new Windows Server 2016 Standard Edition:
Old server had IIS 8, new server uses IIS 10
this application has some routines that makes an MSXML2.ServerXMLHTTP.6.0 call to a page hosted on the same server:
the problem is that this routine works on the old server, but does not work on the new server
I build this small routine to make the test
<%
Dim xmlhttp
Dim payload
payload="OID="&Timer*100
Set xmlhttp = Server.CreateObject("MSXML2.ServerXMLHTTP.6.0")
xmlhttp.setTimeouts 30,500,1000,1000
xmlhttp.Open "GET", "http://sameserver.com/test.asp?"&payload , false
On Error Resume Next
xmlhttp.Send
If Err.Number Then
response.write "ERROR: Could Not Retrieve Remote Server <br> Error Number: "&Err.Number&"<br>Error Description: "&Err.Description
Err.Clear
Else
response.write = "OK: "&xmlhttp.ResponseText
End If
On Error Goto 0
Set xmlhttp = nothing
%>
that works on the old server but on the new server returns
Error Number: -2147012894
Error Description: Operation Timeout
I thought there were some bad/missing settings on new server, perhaps in IIS Settings, but I also tried a very simple test in PHP, that works fine:
<?php
$timer= new DateTime();
$payload='OID='.$timer->format('Y-m-d%20H:i:s');
$url='http://sameserver.com/test.asp?'.$payload;
echo file_get_contents($url);
?>
Clearly I can change these routine and use PHP, but I'm afraid that this error could create also other, at present, undisclosed issues
Can suggest the possible reason, or, at least, which checks has to be made?
Thanks
Your answer is here. Microsoft recommends not making ServerXMLHTTP to the same server. There are probably alternatives; it's hard to tell what you're trying to do from the code you posted.
There are lots of questions that ask about the 80072ee2 "The operation timed out" error in msxml3.dll, but most are resolved by moving the requested URL to a different application pool. But, we already do this and are still getting this error on a semi-regular basis.
We're running a Windows 2008 server and IIS7.5 - the website is Classic ASP and the code is:
set xmlhttp = CreateObject("MSXML2.ServerXMLHTTP")
xmlhttp.open "GET", "http://www.mysite.co.uk/_search/search.php", false
xmlhttp.send ""
strResponseText = xmlhttp.responseText
set xmlhttp = nothing
The folder '_search' is a virtual folder and is set to use a separate application pool from the main site. It is a busy-ish site, and we don't get a timeout every-time it's called... but once you get one, there are often a number of them in succession. We know this is happening because we're logging the 500 errors on the site.
Does anyone have any ideas (please don't suggest re-writing the Classic ASP or PHP - it's not possible at the moment)?
Thanks
Your code looks absolutely fine. Two things you can try though.
First try
Server.CreateObject("MSXML2.ServerXMLHTTP.6.0")
This may not make any difference, but you're msxml6.dll - which is present on IIS7 - rather than the older msxml3.dll
Second, if you have Remote desktop access, see what happens when you try to access http://www.mysite.co.uk/_search/search.php from the server's own copy of IE. I've encountered situations where you can't see a site the server hosts itself through the external URL and you have to use localhost or 127.0.0.1
I solved it by creating a new site with the same physical path domain name etc but different port number (like 81)
xmlhttp.open "GET", "http://www.mysite.co.uk:81/_search/search.php", false
I have an ASP.NET 4.0 site on IIS 7.0 that is having first time load issues described here.
I've done some testing, and can confirm that it's only the first load of the page that is slow; every subsequent page loads normally. After googling around for this, I found a "warmup" script that can send an HTTP request the first time after the app pool is recycled, and this seems to fix the problem. BUT, I'm not sure if it will work when I force set the page to use only HTTPS/SSL?
The script I'm currently using is as follows:
Dim website1
website1 = "http://<website domain>/Auth/Login.aspx"
Function WarmUpSite(strURL)
On Error Resume Next
Dim objHTTP
Set objHTTP = CreateObject("MSXML2.XMLHTTP")
objHTTP.Open "GET", strURL, False
objHTTP.Send
If Err.Number=0 And objHTTP.Status=200 Then
Hget=strURL & " has been warmed up successfully at: "&Date()&" "&Time()
Else
Hget=strURL & " found error at: "&Date()&" "&Time()
End If
Set objHTTP = Nothing
'Section for writing into a text file
Const FOR_APPENDING = 8
strFileName = "C:\WarmUpLog.txt"
Set objFS = CreateObject("Scripting.FileSystemObject")
Set objTS = objFS.OpenTextFile(strFileName,FOR_APPENDING)
objTS.WriteLine Hget
End Function
WarmUpSite(website1)
So my question is how I would make this work if the website I'm warming up is a login page that will be an HTTPS address, not HTTP? My apologies if this is a dumb question, I do relatively little web work.
Well, apparently it just involved changing the value of website1 to an HTTPS url.
;)
I'm having facing problemind with LDAP, its bit strange one. My Web server is IIS7.5(windows server 2008 R2). Its configured to use windows Authentication. I've pasted my asp page below.
Web browser is IE8, Have added the website to intranet zone and enabled send, user details if intranet zone in security tab->custom level. Intigrated windows authentication is enabled in advanced tab.
Everything works fine for 20minutes(Session time setiing and other default time out settings are for 20min). After 20minutes I get it ASP runtime error. Which says method or property memberOf for object objUser is not supported. When I get below error I change the Authentication type to basic Authentication. It prompts for windows credentials and works fine. After that I again revert back to windows authentication. And it works for sometime.
Not sure if IIS7.5 id configured with basic authentication enabled and IE8 configured as above, still why it prompts for windows Credential. Though windows Authentication mode doesn't prompt for credential, It works fine but for certain period. Can any one explain me why this strange behaviour and solution to fix this one?
<%# LANGUAGE="VBSCRIPT" %>
<%
Option Explicit
Dim oADSysInfo
Dim objUser
Dim strGroupData
Dim strUserDN
Dim arrGroups
Dim strGroup
Dim wsObject
Dim netSys
Dim strUsrDomain
strGroupData = ""
Set wsObject = CreateObject("WScript.Shell")
Set netSys = CreateObject("WScript.Network")
strUsrDomain = netSys.UserDomain
Set oADSysInfo = CreateObject("ADSystemInfo")
If err.number <> 0 Then
'getLDAPGroupInfo = strGroupData
'wsObject.popup("Error"& e.decription)
'Exit Function
End If
strUserDN = oADSysInfo.UserName
Set objUser = GetObject("LDAP://"& strUserDN)
arrGroups = objUser.memberOf
If IsEmpty(arrGroups) Then
'Wscript.Echo "Member of no groups"
ElseIf (TypeName(arrGroups) = "String") Then
'Wscript.Echo "Member of group " & arrGroups
strGroupData = arrGroups
Else
For Each strGroup In arrGroups
strGroupData = strGroupData & "," & strGroup
Next
'strGroupData = arrGroups
End If
Response.Write(strGroupData)
%>
I employed rather simple solution.
Solution I employed was as follows.
My Application is running under specific user identity(Physical path credential and Application pool idenity set to DNS account)
I created another page with above code and ran under applcation pool identity(SPN) and there by created a primary token key between Active Directory server and Webserver server
Using that key I again connected to LDAP to query user related info by calling above code under virtual directory having windows authentication and and running under user identity, there by getting user details.
If you are using asp.net programmatically impersonate user and get user detail from ldap and on application start create primary token by connecting ldap, The primary key persists till worker process is killed
Issue
Msxml2.ServerXMLHTTP keeps returning 401 - Unauthorised errors each time we attempt to read the contents of a file (ASP) from a web server.
Source server is running IIS6, using NTLM integrated login.
This process has been used successfully before, but only in as far as extracting XML files from external websites, not internal ones.
The proxy settings in the registry of the server on which the script is run has also been updated to bypass the website in question, but to no avail.
All paths identified in the VBScript have been checked and tested, and are correct.
User running the script has correct read/write permissions for all locations referenced in the script.
Solution needed
To identify the cause of the HTTP 401 Unauthorised messages, so that the script will work as intended.
Description
Our organisation operates an intranet, where the content is replicated to servers at each of our remote sites. This ensures these sites have continued fast access to important information, documentation and data, even in the event of losing connectivity.
We are in the middle of improving the listing and management of Forms (those pesky pieces of paper that have to be filled in for specific tasks). This involves establising a database of all our forms.
However, as the organisation hasn't been smart enough to invest in MSSQL Server instances at each site, replication of the database and accessing it from the local SQL server isn't an option.
To work around this, I have constructed a series of views (ASP pages) which display the required data. I then intend to use Msxml2.ServerXMLHTTP by VBScript, so I can read the resulting pages and save the output to a static file back on the server.
From there, the existing replication process can stream these files out to the site - with users having no idea that they're looking at a static page that just happened to be generated from database output.
Code
' Forms - Static Page Generator
' Implimented 2011-02-15 by Michael Harris
' Purpose: To download the contents of a page, and save that page to a static file.
' Target category: 1 (Contracts)
' Target Page:
' http://sharename.fpc.wa.gov.au/corporate/forms/generator/index.asp
' Target path: \\servername\sharename\corporate\forms\index.asp
' Resulting URL: http://sharename.fpc.wa.gov.au/corporate/forms/index.asp
' Remove read only
' Remove read only flag on file if present to allow editing
' If file has been set to read only by automated process, turn off read only
Const READ_ONLY = 1
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.GetFile("\\server\sharename\corporate\forms\index.asp")
If objFile.Attributes AND READ_ONLY Then
objFile.Attributes = objFile.Attributes XOR READ_ONLY
End If
Dim webObj, strURL
Set webObj = CreateObject("Msxml2.ServerXMLHTTP")
strURL = "http://sharename.fpc.wa.gov.au/corporate/forms/generator/index.asp"
webObj.Open "GET", strURL
webObj.send
If webObj.Status=200 Then
Set objFso = CreateObject("Scripting.FileSystemObject")
Set txtFile = objFso.OpenTextFile("file:\\servername.fpc.wa.gov.au\sharename\corporate\forms\index.asp", 2, True)
txtFile.WriteLine webObj.responseText
txtFile.close
ElseIf webObj.Status >= 400 And webObj.Status <= 599 Then
MsgBox "Error Occurred : " & webObj.Status & " - " & webObj.statusText
Else
MsgBox webObj.ResponseText
End If
Replace your line:
webObj.Open "GET", strURL
With:
webObj.Open "GET", strURL, False, "username", "password"
In most cases 401 Unauthorized means you haven't supplied credentials. Also you should specifiy False to indicate you don't want async mode.
It sounds like the O.P. got this working with the correct proxy settings in the registry (http://support.microsoft.com/kb/291008 explains why proxy configuration will fix this). Newer versions of ServerXMLHTTP have a setProxy method that can be used to set the necessary proxy configuration in your code instead.
In the O.P. code above, after webObj is created, the following line of code would set up the proxy correctly:
webObj.setProxy 2, "0.0.0.0:80", "*.fpc.wa.gov.au"
ServerXMLHTTP will pass on the credentials of the user running the code if it is configured with a proxy, and if the target URL bypasses that proxy. Since you are bypassing the proxy anyway, you can make it a dummy value "0.0.0.0:80", and make sure your target url is covered by what you specify in the bypass list "*.fpc.wa.gov.au"
I would first test if you can reach your url through a normal browser on the same server X you run your code on (A). I would try then reach the url from another PC. One never used to reach that url but in the same network as server X (B).
If B works but A doesn't I would suspect that for some reason your source server (i.e. that one that serves the url) blocks server X for some reason. Check the security settings of II6 and of NTLM.
If both A and B don't work, there is something wrong more in general with your source server (i.e. it blocks everything or NTML doesn't allow you in).
If A works (B doesn't matter then), the problem has to be somewhere in your code. In that case, I would recommend fiddler. This tool can give you the HTTP requests of both your browser and your code in realtime. You can then compare both. That should give you at least a very strong hint about (if not immediately give you) the solution.