如果我在服务器上运行应用程序,而不是在本地运行应用程序,则会出现此错误。为什么这发生在服务器而不是本地?
List<GroupPrincipal> result = new List<GroupPrincipal>();
// establish domain context
PrincipalContext yourDomain = new PrincipalContext(ContextType.Domain);
// find your user
UserPrincipal user = UserPrincipal.FindByIdentity(yourDomain, userName);
// if found - grab its groups
if (user != null)
{
//here happens the error on server.
PrincipalSearchResult<Principal> groups = user.GetAuthorizationGroups();
请帮帮我。
堆栈跟踪:
[PrincipalOperationException: While trying to retrieve the authorization groups, an error (5) occurred.]
System.DirectoryServices.AccountManagement.AuthZSet..ctor(Byte[] userSid, NetCred credentials, ContextOptions contextOptions, String flatUserAuthority, StoreCtx userStoreCtx, Object userCtxBase) +317263
System.DirectoryServices.AccountManagement.ADStoreCtx.GetGroupsMemberOfAZ(Principal p) +441
System.DirectoryServices.AccountManagement.UserPrincipal.GetAuthorizationGroupsHelper() +78
System.DirectoryServices.AccountManagement.UserPrincipal.GetAuthorizationGroups() +11
IntegrationApp.App_Code.ActiveDir.GetGroups(String userName) in C:\Documents and Settings\mta\My Documents\IntegrationApp\IntegrationApp\App_Code\3-Tier\DAL\ActiveDir.cs:54
IntegrationApp.App_Code._3_Tier.BAL.DatabaseBAL.BepaalDefaultNiveau2(String melder) in C:\Documents and Settings\mta\My Documents\IntegrationApp\IntegrationApp\App_Code\3-Tier\BAL\DatabaseBAL.cs:75
IntegrationApp.Detailscherm.VulLijsten() in C:\Documents and Settings\mta\My Documents\IntegrationApp\IntegrationApp\Detailscherm.aspx.cs:89
IntegrationApp.Detailscherm.Page_Load(Object sender, EventArgs e) in C:\Documents and Settings\mta\My Documents\IntegrationApp\IntegrationApp\Detailscherm.aspx.cs:30
System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +25
System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender, EventArgs e) +42
System.Web.UI.Control.OnLoad(EventArgs e) +132
System.Web.UI.Control.LoadRecursive() +66
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +2428
答案 0 :(得分:10)
我找到了另一种解决方案来访问GROUPS:
PrincipalSearchResult<Principal> groups = user.GetGroups();
答案 1 :(得分:3)
您的进程在服务器上运行的身份是什么?最有可能的是,该用户没有访问Active Directory的正确权限。
您可以测试它是否适用于PrincipalContext的构造函数吗?
PrincipalContext yourDomain = new PrincipalContext(ContextType.Domain, "MY.DOMAIN.HERE", "USERNAME", "PASSWORD");
如果可行,您可能希望为您的应用创建专用域用户。
答案 2 :(得分:3)
我发现执行GetAuthorizationGroups需要Windows授权访问组的成员资格。
答案 3 :(得分:2)
只是一个猜测,但这听起来像是信任级别的问题。看看这里包含的信息是否有帮助:
您是以管理员身份运行它还是服务器上的限制帐户?
如果是这样,我会尝试在服务器上完全信任它(如果可以的话),看看问题是否消失。