我需要验证给定LDAP连接URL和服务帐户的用户。但是,当我只是进行目录搜索时,我看到了不同的行为,它运行得很好,并且正在执行Membership.GetAllUsers(),它失败并且“无法联系到指定的域或服务器”
private static void GetUsers()
{
// this succeeds to list all users
DirectoryEntry de = new DirectoryEntry()
{
Path = "LDAP://serveraddres/DC=BLAH,DC=COM",
Username = "validusername",
Password = "validpassword",
};
DirectorySearcher srch = new DirectorySearcher(de)
{
Filter = "(objectClass=user)"
};
using (SearchResultCollection results = srch.FindAll())
{
foreach (SearchResult res in results)
{
Console.WriteLine("\t{0}", res.Path);
}
}
// Below fails with 'The specified domain or server could not be contacted.'
foreach (var user in Membership.GetAllUsers())
{
... do domething
}
}
这是web.config中的配置 - connectionString和MembershipProvider
<add name="IAMConnectionString" connectionString="LDAP://serveraddres/DC=BLAH,DC=COM" />
<add name="AspNetActiveDirectoryMembershipProvider"
type="System.Web.Security.ActiveDirectoryMembershipProvider,
System.Web, Version=2.0.0.0, Culture=neutral,
PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="ADConnectionString"
connectionUsername="validusername"
connectionPassword="validpassword" enableSearchMethods="true"
attributeMapUsername="sAMAccountName"
connectionProtection="Secure"
/>
为什么DirectorySercher工作正常,但Membership.GetAllUsers()没有,使用相同的服务帐户?