Error when using UserPrincipal on a remote machine
So I have a hosting domain that's currently running my App on IIS 7, Application Pool Settings:
IIS Authentication settings:
There is also a different version of the app that is working fine with these settings. So within my current App I have this code to get and store the user SID:

    public static SecurityIdentifier GenerateUserSID()
    {
        return (UserPrincipal.Current.Sid);
    }

    public virtual ActionResult AddComment (string comment, int taskId, DateTime selectedDate)
    {
        var msg = string.Empty;
        try
        {
            Comment newComment = new Comment();
            var sid = ApplicationUtils.GenerateUserSID();
            newComment.CommentText = comment;
            newComment.Analyst = sid.ToString();
            newComment.TaskHistoryId = taskId;
            newComment.SelectedDateTimestamp = selectedDate;
            newComment.AddedTimestamp = DateTime.Now;
            _db.Comments.Add(newComment);
            _db.SaveChanges();
        }
        catch (Exception e)
        {
            msg = "Error: " + e;
            return Json(msg, JsonRequestBehavior.AllowGet);
        }
        return Json(comment, JsonRequestBehavior.AllowGet);
    }

And I get the following error returned:

    System.DirectoryServices.DirectoryServicesCOMException (0x80072020): An operations error occurred.
       at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
       at System.DirectoryServices.DirectoryEntry.Bind()
       at System.DirectoryServices.DirectoryEntry.get_AdsObject()
       at System.DirectoryServices.PropertyValueCollection.PopulateList()
       at System.DirectoryServices.PropertyValueCollection..ctor(DirectoryEntry entry, String propertyName)
       at System.DirectoryServices.PropertyCollection.get_Item(String propertyName)
       at System.DirectoryServices.AccountManagement.PrincipalContext.DoLDAPDirectoryInitNoContainer()
       at System.DirectoryServices.AccountManagement.PrincipalContext.DoDomainInit()
       at System.DirectoryServices.AccountManagement.PrincipalContext.Initialize()
       at System.DirectoryServices.AccountManagement.PrincipalContext.get_QueryCtx()
       at System.DirectoryServices.AccountManagement.Principal.FindByIdentityWithTypeHelper(PrincipalContext context, Type principalType, Nullable`1 identityType, String identityValue, DateTime refDate)
       at System.DirectoryServices.AccountManagement.Principal.FindByIdentityWithType(PrincipalContext context, Type principalType, IdentityType identityType, String identityValue)
       at System.DirectoryServices.AccountManagement.UserPrincipal.FindByIdentity(PrincipalContext context, IdentityType identityType, String identityValue)
       at System.DirectoryServices.AccountManagement.UserPrincipal.get_Current()
       at Governance.Controllers.DashboardController.AddComment(String comment, Int32 taskId, DateTime selectedDate)

This only happens when accessing the App on remote machines; on the local machine it works fine.
Does anyone know what's causing this and how to fix it?
1 Answer
So I managed to fix this without changing any permissions in Active Directory.
So now instead of linking to ApplicationUtils, I have this:

    public virtual string GetSid()
    {
        // Run the lookup as the application identity, not the impersonated caller.
        using (HostingEnvironment.Impersonate())
        {
            PrincipalContext ctx = new PrincipalContext(ContextType.Domain);
            UserPrincipal user = UserPrincipal.FindByIdentity(ctx, User.Identity.Name);
            var sid = user.Sid;
            return sid.ToString();
        }
    }

So to get the SID I simply need to call GetSid() and it will return a string version of the SID.
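
An alternative to the directory lookup in the answer above, as an added example that is not part of the original answer: under Windows authentication the caller's SID is already in the request's logon token, so it can be read without binding to Active Directory. The `CallerSid` class and its method names are hypothetical; it assumes an ASP.NET application on .NET Framework with references to System.Web and System.DirectoryServices.AccountManagement.

```csharp
using System;
using System.DirectoryServices.AccountManagement;
using System.Security.Principal;
using System.Web.Hosting;

// Added example; CallerSid and its method names are hypothetical.
public static class CallerSid
{
    // Reads the SID from the caller's logon token. No LDAP bind is made,
    // so it does not depend on reaching the directory under the caller's identity.
    public static SecurityIdentifier FromToken(IIdentity identity)
    {
        var windowsIdentity = identity as WindowsIdentity;
        if (windowsIdentity == null || !windowsIdentity.IsAuthenticated)
            return null; // anonymous, or not Windows authentication
        return windowsIdentity.User;
    }

    // Directory lookup as in the answer, with the context and principal
    // disposed and a missing account reported as null instead of throwing.
    public static SecurityIdentifier FromDirectory(string accountName)
    {
        // Impersonate() switches the thread to the application identity
        // (the app pool account) until the returned context is disposed.
        using (HostingEnvironment.Impersonate())
        using (var ctx = new PrincipalContext(ContextType.Domain))
        using (var user = UserPrincipal.FindByIdentity(ctx, accountName))
        {
            return user == null ? null : user.Sid;
        }
    }

    // Prefer the token; use the directory only when no Windows token is present.
    public static string Resolve(IIdentity identity)
    {
        if (identity == null || !identity.IsAuthenticated)
            throw new UnauthorizedAccessException("Request is not authenticated.");
        var sid = FromToken(identity) ?? FromDirectory(identity.Name);
        if (sid == null)
            throw new InvalidOperationException("No SID found for the authenticated caller.");
        return sid.Value;
    }
}
```

In a controller action this would be called as `CallerSid.Resolve(User.Identity)`; the returned string is the SID in its S-1-... form.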