如果我在服务器上运行应用程序,而不是在本地运行,则会得到此错误。为什么这发生在服务器上而不是本地?
List<GroupPrincipal> result = new List<GroupPrincipal>();
// establish domain context
PrincipalContext yourDomain = new PrincipalContext(ContextType.Domain);
// find your user
UserPrincipal user = UserPrincipal.FindByIdentity(yourDomain, userName);
// if found - grab its groups
if (user != null)
{
//here happens the error on server.
PrincipalSearchResult<Principal> groups = user.GetAuthorizationGroups();
请帮帮我。
堆栈跟踪:
[PrincipalOperationException: While trying to retrieve the authorization groups, an error (5) occurred.]
System.DirectoryServices.AccountManagement.AuthZSet..ctor(Byte[] userSid, NetCred credentials, ContextOptions contextOptions, String flatUserAuthority, StoreCtx userStoreCtx, Object userCtxBase) +317263
System.DirectoryServices.AccountManagement.ADStoreCtx.GetGroupsMemberOfAZ(Principal p) +441
System.DirectoryServices.AccountManagement.UserPrincipal.GetAuthorizationGroupsHelper() +78
System.DirectoryServices.AccountManagement.UserPrincipal.GetAuthorizationGroups() +11
IntegrationApp.App_Code.ActiveDir.GetGroups(String userName) in C:Documents and SettingsmtaMy DocumentsIntegrationAppIntegrationAppApp_Code3-TierDALActiveDir.cs:54
IntegrationApp.App_Code._3_Tier.BAL.DatabaseBAL.BepaalDefaultNiveau2(String melder) in C:Documents and SettingsmtaMy DocumentsIntegrationAppIntegrationAppApp_Code3-TierBALDatabaseBAL.cs:75
IntegrationApp.Detailscherm.VulLijsten() in C:Documents and SettingsmtaMy DocumentsIntegrationAppIntegrationAppDetailscherm.aspx.cs:89
IntegrationApp.Detailscherm.Page_Load(Object sender, EventArgs e) in C:Documents and SettingsmtaMy DocumentsIntegrationAppIntegrationAppDetailscherm.aspx.cs:30
System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +25
System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender, EventArgs e) +42
System.Web.UI.Control.OnLoad(EventArgs e) +132
System.Web.UI.Control.LoadRecursive() +66
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +2428
我找到了另一个访问GROUPS的解决方案:
PrincipalSearchResult<Principal> groups = user.GetGroups();
您的进程以什么身份在服务器上运行?最有可能的是,该用户没有访问您的活动目录的正确权限。
你能测试它是否与PrincipalContext的构造函数一起工作吗?
PrincipalContext yourDomain = new PrincipalContext(ContextType.Domain, "MY.DOMAIN.HERE", "USERNAME", "PASSWORD");
如果可以的话,你可能需要为你的应用创建一个专用的域用户。
我发现执行GetAuthorizationGroups需要Windows授权访问组中的成员资格。
参见以下文章:http://support.microsoft.com/kb/331951
只是猜测,但这听起来像是信任级别的问题。看看这里包含的信息是否有帮助:
- http://msdn.microsoft.com/en-us/library/ff648243.aspx
- http://www.csharp411.com/executing-code-in-partial-trust-environments/
您是否在您的机器上以管理员身份运行它,而在服务器上以更有限的帐户运行它?
如果是,我会尝试在服务器上以完全信任的方式运行它(如果可以的话),看看问题是否消失。