我正在尝试根据 ActiveDirectory 的组成员身份获取用户详细信息。这适用于我的本地计算机,但不适用于我在服务器上运行它时。
我不明白的是它会正确返回组成员的数量(尽管它必须以特定方式,请参阅代码中的注释),但不会返回组成员的任何详细信息。我最终得到一个 [DirectoryServicesCOMException (0x80072020): An operation error occurred.] 不管我做什么。
//DirectoryEntry DEntry = new DirectoryEntry("LDAP://DOMAIN"); //works only locally
DirectoryEntry DEntry = new DirectoryEntry("LDAP://DOMAIN", "Account", "Password"); //works locally and on the server
DirectorySearcher DSearcher = new DirectorySearcher();
DSearcher.SearchRoot = DEntry;
DSearcher.Filter = "(&(objectClass=group)(cn=GroupName))";
SearchResult SResult = DSearcher.FindOne();
DirectoryEntry DEGroup = new DirectoryEntry(SResult.Path);
System.DirectoryServices.PropertyCollection PCollection = DEGroup.Properties;
//Label1.Text = PCollection["member"].Count.ToString(); //works only locally
Label1.Text = SResult.GetDirectoryEntry().Properties["member"].Count.ToString(); //works locally and on the server
//DirectoryEntry DEUser = new DirectoryEntry("LDAP://DOMAIN/" + PCollection["member"][0].ToString()); //works only locally
DirectoryEntry DEUser = new DirectoryEntry("LDAP://DOMAIN/" + SResult.GetDirectoryEntry().Properties["member"][0].ToString()); //works locally and on the server
//Label2.Text = DEUser.Properties["sAMAccountName"][0].ToString(); //works only locally
DEUser.Close();
DEntry.Close();
DEGroup.Close();
App Pool Identity 是 Network Service,web.config 包含
<authentication mode="Windows">
<identity impersonate="true" />