AzMan/ADAM AccessCheck exception

I'm using the example code posted here
http://blogs.msdn.com/azman/archive/2006/05/06/591230.aspx to authenticate
users in an ADAM instance and also to query their group membership. I am able
to authenticate a user and get their SID, groupTokens SIDs, and DN, open the
ADAM store to set the IAzApplication2 object, create an emply
IAzClientContext2, ... but when it comes to making the
IAzClientContext2.AccessCheck call I get the following error:

"The security identifier provided does not have a domain component.
(Exception from HRESULT: 0x800704EA)"

I've found that if I manually set the IAzClientContext2.RoleForAccessCheck
property to any value I don't get the error, but I don't get valid data back
either (values of 5 returned for all my resource ids). Even if I could get
this to work, it wouldn't be correct as resource checks should be based upon
the LDAP Application Groups in AzMan combined with the
IAzClientContext2.LDAPQueryDN value, not on RoleForAccessCheck.

My application code is running on a XP SP2 machine on the same domain as the
2003 R2 server where AzMan 5.2 /ADAM 1.1 are running.

Thanks for any suggestions.
Don

 

You might want to post this question on the platformsdk.security newsgroup
too. I've seen the most AzMan questions get answered there. Most people in
this group have never heard of AzMan.

Joe K.

 

I have the same issue with all 5s being returned

Did you ever find a solution for this?