I have an interesting one. If I run AD LDS on the same box as SharePoint and leverage an LDAP provider, I'm getting "the specified directory service attribute or value does not exist" when attempting to resolve a DirectoryEntry based on search parameters. However, if I point the same LDAP provider to a remote machine with AD LDS, I have no issues searching for DirectoryEntries. Permissions on the AD LDS instances, as far as I can tell, are identical. The Application Pool that is making the call is present in either the User or the Administrator role (for testing purposes).
I noticed, however, that when I passed a username and password through my provider (using my own credentials), the search of the localhost AD LDS instance functioned.
This is the code path difference:
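    if (username != string.Empty && password != string.Empty)
    {
        // Explicit credentials supplied: bind as that user.
        directoryEntry.AuthenticationType = LdapAuthentication(useSSL);
        directoryEntry.Username = username;
        directoryEntry.Password = password;
    }
    else
    {
        // No credentials supplied: bind as the identity making the call
        // (here, the Application Pool account).
        directoryEntry.AuthenticationType = LdapAuthentication(useSSL);
    }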
LdapAuthentication simply returns AuthenticationType.Secure in this case.
SharePoint - Nauplius Applications
Microsoft SharePoint Server MVP
MCITP: SharePoint Administrator 2010
-----------------------
This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.