PrincipalContext:异常详细信息:System.DirectoryServices.DirectoryServicesCOMException:发生操作错误
PrincipalContext: Exception Details: System.DirectoryServices.DirectoryServicesCOMException: An operations error occurred
我正在尝试为用户搜索 AD,但它一直抛出异常。该应用程序设置为使用 AppPool。我确定登录用户有权搜索 AD。
代码:
public static UserADInfoModel ResolveUserProperties(string sam)
{
UserADInfoModel uad = new UserADInfoModel();
PrincipalContext DC = new PrincipalContext(ContextType.Domain,
"lm.lmig.com", "DC=lm,DC=lmig,DC=com,OU=LM Users");
UserPrincipal userSearch = new UserPrincipal(DC);
userSearch.SamAccountName = "(&(objectClass=user)(sam)";
PrincipalSearcher search = new PrincipalSearcher();
search.QueryFilter = userSearch;
PrincipalSearchResult<Principal> res = search.FindAll();
堆栈跟踪:
[DirectoryServicesCOMException (0x80072020): An operations error occurred.
]
System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail) +399003
System.DirectoryServices.DirectoryEntry.Bind() +36
System.DirectoryServices.DirectoryEntry.get_SchemaEntry() +35
System.DirectoryServices.AccountManagement.ADStoreCtx.IsContainer(DirectoryEntry de) +47
System.DirectoryServices.AccountManagement.ADStoreCtx..ctor(DirectoryEntry ctxBase, Boolean ownCtxBase, String username, String password, ContextOptions options) +116
System.DirectoryServices.AccountManagement.PrincipalContext.CreateContextFromDirectoryEntry(DirectoryEntry entry) +143
System.DirectoryServices.AccountManagement.PrincipalContext.DoLDAPDirectoryInit() +244
来源错误:
Line 45: PrincipalContext DC = new PrincipalContext(ContextType.Domain, "lm.lmig.com", "DC=lm,DC=lmig,DC=com,OU=LM Users");
Line 46: UserPrincipal userSearch = new UserPrincipal(DC);
Line 47: userSearch.SamAccountName = "(&(objectClass=user)(sam)";
Line 48: PrincipalSearcher search = new PrincipalSearcher();
Line 49: search.QueryFilter = userSearch;
对我来说,PrincipalContext 构造函数中错误的赋值和 SamAccountName 的赋值看起来很可疑,并且似乎是异常的可能原因。
DN 应包含相反顺序的路径,即当 OU 和 DC 组件都存在时,应以 OU 或 CN 开头。此外,SamAccountName 值必须是有效的字符串值。
请尝试以下方式:
PrincipalContext DC = new PrincipalContext(ContextType.Domain,
"lm.lmig.com", "OU=LM Users,DC=lm,DC=lmig,DC=com");
userSearch.SamAccountName = sam; // assuming sam is an actual possible string value.
// sAMAccountName must be a string value as shown above, and not a filter type.
PrincipalSearcher search = new PrincipalSearcher();
search.QueryFilter = userSearch;
PrincipalSearchResult<Principal> res = search.FindAll();
我正在尝试为用户搜索 AD,但它一直抛出异常。该应用程序设置为使用 AppPool。我确定登录用户有权搜索 AD。
代码:
public static UserADInfoModel ResolveUserProperties(string sam)
{
UserADInfoModel uad = new UserADInfoModel();
PrincipalContext DC = new PrincipalContext(ContextType.Domain,
"lm.lmig.com", "DC=lm,DC=lmig,DC=com,OU=LM Users");
UserPrincipal userSearch = new UserPrincipal(DC);
userSearch.SamAccountName = "(&(objectClass=user)(sam)";
PrincipalSearcher search = new PrincipalSearcher();
search.QueryFilter = userSearch;
PrincipalSearchResult<Principal> res = search.FindAll();
堆栈跟踪:
[DirectoryServicesCOMException (0x80072020): An operations error occurred.
]
System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail) +399003
System.DirectoryServices.DirectoryEntry.Bind() +36
System.DirectoryServices.DirectoryEntry.get_SchemaEntry() +35
System.DirectoryServices.AccountManagement.ADStoreCtx.IsContainer(DirectoryEntry de) +47
System.DirectoryServices.AccountManagement.ADStoreCtx..ctor(DirectoryEntry ctxBase, Boolean ownCtxBase, String username, String password, ContextOptions options) +116
System.DirectoryServices.AccountManagement.PrincipalContext.CreateContextFromDirectoryEntry(DirectoryEntry entry) +143
System.DirectoryServices.AccountManagement.PrincipalContext.DoLDAPDirectoryInit() +244
来源错误:
Line 45: PrincipalContext DC = new PrincipalContext(ContextType.Domain, "lm.lmig.com", "DC=lm,DC=lmig,DC=com,OU=LM Users");
Line 46: UserPrincipal userSearch = new UserPrincipal(DC);
Line 47: userSearch.SamAccountName = "(&(objectClass=user)(sam)";
Line 48: PrincipalSearcher search = new PrincipalSearcher();
Line 49: search.QueryFilter = userSearch;
对我来说,PrincipalContext 构造函数中错误的赋值和 SamAccountName 的赋值看起来很可疑,并且似乎是异常的可能原因。
DN 应包含相反顺序的路径,即当 OU 和 DC 组件都存在时,应以 OU 或 CN 开头。此外,SamAccountName 值必须是有效的字符串值。
请尝试以下方式:
PrincipalContext DC = new PrincipalContext(ContextType.Domain,
"lm.lmig.com", "OU=LM Users,DC=lm,DC=lmig,DC=com");
userSearch.SamAccountName = sam; // assuming sam is an actual possible string value.
// sAMAccountName must be a string value as shown above, and not a filter type.
PrincipalSearcher search = new PrincipalSearcher();
search.QueryFilter = userSearch;
PrincipalSearchResult<Principal> res = search.FindAll();