UserPrincipal.FindByIdentity有时会失败并发生DirectoryServicesCOMException:发生了操作错误

时间:2013-04-04 06:40:17

标签: asp.net visual-studio active-directory claims-based-identity

我们是一个团队,我们每个人都会遇到这种随机错误。错误列在下面并显示在行上:UserPrincipal.FindByIdentity(principalContext,windowsPrincipal.Identity.Name);

它可以正常工作几天/几周/几个月,然后我们中的一个人会收到此错误。

在我们的测试服务器上,我们不会像本地计算机那样频繁地部署更改,它会在我们收到此错误之前工作很多个月。

如果我们将应用程序池从ApplicationPoolIdentity更改为NetworkService,那么它可以正常工作。但是,在切换回ApplicationPoolIdentity后,会出现相同的错误。

IISreset无济于事。

重新启动计算机始终可以解决问题,因此ApplicationPoolIdentity每天都可以对我们进行身份验证。

这是我们使用的代码(稍加修改):

var windowsPrincipal = principal as WindowsPrincipal;
if (windowsPrincipal == null)
    return null;
try
{
    var principalContext = new PrincipalContext(ContextType.Domain);
    var userPrincipal = UserPrincipal.FindByIdentity(principalContext, windowsPrincipal.Identity.Name);
    if (userPrincipal == null) return null;
    return userPrincipal.Surname;
}

以下是错误消息:

An operations error occurred.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.DirectoryServices.DirectoryServicesCOMException: An operations error occurred.

Source Error:
var principalContext = new PrincipalContext(ContextType.Domain);
var userPrincipal = UserPrincipal.FindByIdentity(principalContext, windowsPrincipal.Identity.Name);

Stack Trace:


[DirectoryServicesCOMException (0x80072020): An operations error occurred.
]
   System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail) +628309
   System.DirectoryServices.DirectoryEntry.Bind() +44
   System.DirectoryServices.DirectoryEntry.get_AdsObject() +42
   System.DirectoryServices.PropertyValueCollection.PopulateList() +29
   System.DirectoryServices.PropertyValueCollection..ctor(DirectoryEntry entry, String propertyName) +63
   System.DirectoryServices.PropertyCollection.get_Item(String propertyName) +163
   System.DirectoryServices.AccountManagement.PrincipalContext.DoLDAPDirectoryInitNoContainer() +521413
   System.DirectoryServices.AccountManagement.PrincipalContext.DoDomainInit() +51
   System.DirectoryServices.AccountManagement.PrincipalContext.Initialize() +161
   System.DirectoryServices.AccountManagement.PrincipalContext.get_QueryCtx() +42
   System.DirectoryServices.AccountManagement.Principal.FindByIdentityWithTypeHelper(PrincipalContext context, Type principalType, Nullable`1 identityType, String identityValue, DateTime refDate) +29
   System.DirectoryServices.AccountManagement.UserPrincipal.FindByIdentity(PrincipalContext context, String identityValue) +81

1 个答案:

答案 0 :(得分:0)

如果你没有把它丢弃在最后一块中,你最终会耗尽资源......

Using (var principalContext = new PrincipalContext(ContextType.Domain)) 
{
var userPrincipal = UserPrincipal.FindByIdentity(principalContext, 
  windowsPrincipal.Identity.Name);
if (userPrincipal == null) return null;
  return userPrincipal.Surname;
}

应该帮助