Re: ComException (0x80072020): An Operations error occurred
by "Joe Kaplan" <joseph.e.kaplan@[EMAIL PROTECTED]>
May 21, 2008 at 09:47 AM
This happens because you are binding anonymously. Windows Server 2003 requires authenticated binds to perform operations by default while Windows 2000 does not and will allow anonymous searches (although with limited results).
My guess is that you probably thought your app was binding to the directory before but it was not. It also could be the case that you had Kerberos delegation enabled for the old DC but not for the new DC, so your application is unable to delegate. When you have a web app that attempts to bind to the directory with the credentials of the authenticated user instead of a fixed service account (essentially, you have impersonation enabled), you must have Kerberos delegation enabled.
Joe K.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"WillG" <WillG@[EMAIL PROTECTED]> wrote in message
news:7E5890C2-BD6A-41FB-A859-766D9B4C391D@[EMAIL PROTECTED]
> We have just upgraded to Windows 2003 R2 SP2 AD from Windows 2000 SP4 AD.
>
> One of our ASP applications that used to be able to bind using LDAP to one of our Domain Controllers presented a ComException 0x80072020 error using the bind string of "LDAP://newserver.domain.com". If I change the XML web config file back to use a Windows 2000 server in the bind action, the application works fine.
>
> I have removed LDAP signing requirements etc., but I would like to know how to resolve the bind problem with Windows 2003 R2 domain controllers before I upgrade the remaining Windows 2000 servers.
>
> As a sidenote - the application uses the end user's credentials and not anonymous.
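
Added example (not part of either poster's message): a small C# check that separates the two causes described in the reply, by trying an authenticated bind with the thread's own identity and reporting the token's impersonation level when the 0x80072020 error comes back. The class and method names and the LDAP_SVC_USER / LDAP_SVC_PASSWORD environment variables are assumptions made for this example; the bind string is the one quoted in the thread.

```csharp
using System;
using System.DirectoryServices;
using System.Runtime.InteropServices;
using System.Security.Principal;

static class DirectoryBindCheck   // hypothetical name, for illustration only
{
    // HRESULT quoted in the thread ("An operations error occurred").
    const int OperationsError = unchecked((int)0x80072020);

    // Binds with Negotiate (Kerberos/NTLM) and runs a base-scope search.
    // user == null means "use the identity of the calling thread", which is
    // the impersonated end user when ASP.NET impersonation is enabled.
    static string TryBind(string ldapPath, string user, string password)
    {
        try
        {
            using (var entry = new DirectoryEntry(ldapPath, user, password,
                                                  AuthenticationTypes.Secure))
            using (var searcher = new DirectorySearcher(entry, "(objectClass=*)"))
            {
                searcher.SearchScope = SearchScope.Base;
                searcher.FindOne();   // the search is what fails on an anonymous bind
                return "bind and search succeeded";
            }
        }
        catch (COMException ex) when (ex.ErrorCode == OperationsError)
        {
            using (WindowsIdentity id = WindowsIdentity.GetCurrent())
            {
                // A web app impersonating the end user needs a token at the
                // Delegation level to authenticate onward to the DC.
                return "operations error (0x80072020) as " + id.Name +
                       ", token level = " + id.ImpersonationLevel;
            }
        }
    }

    static void Main(string[] args)
    {
        string path = args.Length > 0 ? args[0] : "LDAP://newserver.domain.com";
        Console.WriteLine("thread identity: " + TryBind(path, null, null));

        // Fixed service account, read from the environment (assumed variable names).
        string user = Environment.GetEnvironmentVariable("LDAP_SVC_USER");
        string pass = Environment.GetEnvironmentVariable("LDAP_SVC_PASSWORD");
        if (user != null && pass != null)
            Console.WriteLine("service account: " + TryBind(path, user, pass));
    }
}
```

If the thread-identity attempt fails with a token level of Impersonation while the service-account attempt succeeds, the bind is working and the missing piece is Kerberos delegation for the new DC.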