They say it all boils down to security.  It's the account used by ASP.NET.  It's setting <identity impersonate=“true“/>.  It's the way you set up ADAM.

It's making sure that the ADAM user you are logging in with is a member of the Readers role.

It's making sure that when attempting to create a System.DirectoryServices.DirectoryEntry, the ADAM username you are trying to bind with is the DN of the username, not the CN or anything else.

It's making sure that when trying to create that DirectoryEntry to bind with an ADAM user, you set the AuthenticationTypes to None.

Yes, dear reader, it's all of those.  But, if like me you still find yourself with the “Unknown error”, and you've played with Reflector and walked through System.DirectoryServices, and googled “ADsOpenObject 0x80005000” and you've wept, and shaken your fist--keep going.

If you've ghosted your machine back to August 2003 to get rid of the Framework 2.0 beta you installed a few weeks back to play with Monad, and you still get the “Unknown error”, keep going.

If you've reinstalled ADAM twelve times, then created a fresh VMWare guest of 2003 with all the trappings, installed ADAM, run your code, and you still get the “Unknown error”, keep going.

When, after 24 hours of frustration, seditious thoughts of the quality of System.DirectoryServices.dll going through your head, you find yourself contemplating a switch to Linux, relax.  I have an answer for you:

It's “LDAP://”, not “ldap://”.

[read more]