小贝子编程

在尝试检索授权组时,发生错误(5)



如果我在服务器上运行应用程序,而不是在本地运行,则会得到此错误。为什么这发生在服务器上而不是本地?

List<GroupPrincipal> result = new List<GroupPrincipal>();
// establish domain context
PrincipalContext yourDomain = new PrincipalContext(ContextType.Domain);
// find your user
UserPrincipal user = UserPrincipal.FindByIdentity(yourDomain, userName);
// if found - grab its groups
if (user != null)
{
//here happens the error on server.
PrincipalSearchResult<Principal> groups = user.GetAuthorizationGroups();

请帮帮我。

堆栈跟踪:

   [PrincipalOperationException: While trying to retrieve the authorization groups, an error (5) occurred.]
   System.DirectoryServices.AccountManagement.AuthZSet..ctor(Byte[] userSid, NetCred credentials, ContextOptions contextOptions, String flatUserAuthority, StoreCtx userStoreCtx, Object userCtxBase) +317263
   System.DirectoryServices.AccountManagement.ADStoreCtx.GetGroupsMemberOfAZ(Principal p) +441
   System.DirectoryServices.AccountManagement.UserPrincipal.GetAuthorizationGroupsHelper() +78
   System.DirectoryServices.AccountManagement.UserPrincipal.GetAuthorizationGroups() +11
   IntegrationApp.App_Code.ActiveDir.GetGroups(String userName) in C:Documents and SettingsmtaMy DocumentsIntegrationAppIntegrationAppApp_Code3-TierDALActiveDir.cs:54
   IntegrationApp.App_Code._3_Tier.BAL.DatabaseBAL.BepaalDefaultNiveau2(String melder) in C:Documents and SettingsmtaMy DocumentsIntegrationAppIntegrationAppApp_Code3-TierBALDatabaseBAL.cs:75
   IntegrationApp.Detailscherm.VulLijsten() in C:Documents and SettingsmtaMy DocumentsIntegrationAppIntegrationAppDetailscherm.aspx.cs:89
   IntegrationApp.Detailscherm.Page_Load(Object sender, EventArgs e) in C:Documents and SettingsmtaMy DocumentsIntegrationAppIntegrationAppDetailscherm.aspx.cs:30
   System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +25
   System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender, EventArgs e) +42
   System.Web.UI.Control.OnLoad(EventArgs e) +132
   System.Web.UI.Control.LoadRecursive() +66
   System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +2428

我找到了另一个访问GROUPS的解决方案:

PrincipalSearchResult<Principal> groups = user.GetGroups();

您的进程以什么身份在服务器上运行?最有可能的是,该用户没有访问您的活动目录的正确权限。

你能测试它是否与PrincipalContext的构造函数一起工作吗?

PrincipalContext yourDomain = new PrincipalContext(ContextType.Domain, "MY.DOMAIN.HERE", "USERNAME", "PASSWORD");

如果可以的话,你可能需要为你的应用创建一个专用的域用户。

我发现执行GetAuthorizationGroups需要Windows授权访问组中的成员资格。

参见以下文章:http://support.microsoft.com/kb/331951

只是猜测,但这听起来像是信任级别的问题。看看这里包含的信息是否有帮助:

  • http://msdn.microsoft.com/en-us/library/ff648243.aspx
  • http://www.csharp411.com/executing-code-in-partial-trust-environments/

您是否在您的机器上以管理员身份运行它,而在服务器上以更有限的帐户运行它?

如果是,我会尝试在服务器上以完全信任的方式运行它(如果可以的话),看看问题是否消失。

相关内容

最新更新


热门标签:

javascript python java c# php android html jquery c++ css ios sql mysql arrays asp.net json python-3.x ruby-on-rails .net sql-server django objective-c excel regex ruby linux ajax iphone xml vba spring asp.net-mvc database wordpress string postgresql wpf windows xcode bash git oracle list vb.net multithreading eclipse algorithm macos powershell visual-studio image forms numpy scala function api selenium