1

我正在尝试检查用户是否是以下组的成员:

if (conditionalGroup != null)
            {
                if (!currentUser.IsMemberOf(conditionalGroup))
                {
                    _logger.Debug("Adding user to Specific group.");
                    conditionalGroup.Members.Add(currentUser);
                    conditionalGroup.Save();
                }

                conditionalGroup.Dispose();
            }

但是它失败了:An error (1789) occurred while enumerating the group membership. The member's SID could not be resolved.

该组是本地计算机上的用户组。我也对 IIS_IUSRS 组做同样的事情,那个很好。这只是今天在我的构建机器上开始的,并且以前一直有效。这是一个错误还是我做错了什么?

这是我创建用户的方式:

pc = new PrincipalContext(ContextType.Machine); currentUser = UserPrincipal.FindByIdentity(pc, u.UserName);

            if (currentUser == null)
            {
                currentUser = new UserPrincipal(pc)
                    {
                        Name = u.UserName,
                        Description = u.UserDescription,
                        UserCannotChangePassword = false,
                        PasswordNeverExpires = true
                    };

                currentUser.SetPassword(u.UserPassword);
                currentUser.Save();
            }
4

1 回答 1

2

On Windows, you usually see all users and groups with their names. But. sometimes occassionally you find a user or group that is displayed not by name, but by it's SID. This happens when the System find an entry that claims to refer to such ID, but the ID is not registered or not found in the System's name table/database.

The easiest way to see that is to borrow someone's pendrive with NTFS partition on it and some user-files created on remote machine that has different accounts. Browse, rightclick, see Permissions, voila lots of SIDs.

Start with inspecting your group that 'fails', ie. in SystemTools there's an applet ComputerManagement where you can browse most of the User and Groups registrations. View that Group, see its members and check if all of them are seen by-name, and none by "S-1-5..." number. If you find numeric one, try checking the classification support.microsoft.com/kb/243330 - maybe you will guess how that user got added there and why he is unnamed.

Anyways, which line of that code fails actually? IsMemberOf or Members.Add or Save?

于 2012-08-17T13:50:01.603 回答