UserPrincipal Getauthorizationgroups出错

时间:2013-08-21 02:50:39

标签: c# sharepoint active-directory principalcontext

  

错误1:发生操作错误。

     

错误2:尝试检索授权组时出错   (110)发生了。

public static bool CheckGroupMembership(string userID, string groupName, string domain)
{
    bool isMember = false;

    // Get an error here, so then I use my username/password and it works... 
    PrincipalContext ADDomain = new PrincipalContext(ContextType.Domain, domain); 

    UserPrincipal oUserPrincipal = UserPrincipal.FindByIdentity(ADDomain, userID);

    PrincipalSearchResult<Principal> oPrincipalSearchResult = oUserPrincipal.GetAuthorizationGroups(); //<-- Error is here: 

    foreach (Principal oResult in oPrincipalSearchResult)
    {
        if (oResult.Name.ToLower().Trim() == groupName.ToLower().Trim())
        {
            isMember = true;
        }
    }
    return isMember;
}

当我在同一台机器上进行调试时,这一切都有效,只有当我从远程服务器上拉网页时才会失败。

1 个答案:

答案 0 :(得分:0)

这就是我所做的。

因为我希望DLL保持独立且独立于SharePoint,所以我在SharePoint调用中为需要此方法的方法添加了这个... 

        SPSecurity.RunWithElevatedPrivileges(delegate()
        {
            .... method goes here ....
        });

在DLL文件中它正在调用我添加了这个:

    private static bool UserHasPermisions(string userAccount, List<string> list)
    {
        bool userHasPermisions = true; 

        if (list != null && list.Count > 0)
        {
            userHasPermisions = false;

            foreach (string item in list)
            {
                if (CheckGroupMembership(userAccount, item, "domain.local goes here..."))
                {
                    userHasPermisions = true;
                }
            }
        }

        return userHasPermisions;
    }


public static bool CheckGroupMembership(string userID, string groupName, string domain)
    {
        bool isMember = false;

        try
        {
            PrincipalContext ADDomain = GetPrincipalContext();

            UserPrincipal oUserPrincipal = UserPrincipal.FindByIdentity(ADDomain, userID);

            PrincipalSearchResult<Principal> oPrincipalSearchResult = oUserPrincipal.GetAuthorizationGroups();

            foreach (Principal oResult in oPrincipalSearchResult)
            {
                if (oResult.Name.ToLower().Trim() == groupName.ToLower().Trim())
                {
                    isMember = true;
                }
            }
        }
        catch { }

        return isMember;
    }

    private static PrincipalContext GetPrincipalContext()
    {
        string domain = "your local domain";
        string defaultOU = "DC=domain here,DC=local";
        string serviceUser = @"domain here\read only system account";
        string servicePassword = @"password goes here";

        PrincipalContext oPrincipalContext = new PrincipalContext(ContextType.Domain, domain, defaultOU, ContextOptions.SimpleBind, serviceUser, servicePassword);

        return oPrincipalContext;
    }

我不喜欢这条路线,但为了保持DLL独立,我不得不这样做。

相关问题
最新问题