1

我正在尝试为用户搜索 AD,但它不断抛出异常。该应用程序设置为使用 AppPool。而且我确信登录的用户可以访问搜索广告。

代码:

public static UserADInfoModel ResolveUserProperties(string sam)
        {
            UserADInfoModel uad = new UserADInfoModel();
            PrincipalContext DC = new PrincipalContext(ContextType.Domain, 
            "lm.lmig.com", "DC=lm,DC=lmig,DC=com,OU=LM Users");
            UserPrincipal userSearch = new UserPrincipal(DC);
            userSearch.SamAccountName = "(&(objectClass=user)(sam)";
            PrincipalSearcher search = new PrincipalSearcher();
            search.QueryFilter = userSearch;
            PrincipalSearchResult<Principal> res = search.FindAll();

堆栈跟踪:

[DirectoryServicesCOMException (0x80072020): An operations error occurred.
]
   System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail) +399003
   System.DirectoryServices.DirectoryEntry.Bind() +36
   System.DirectoryServices.DirectoryEntry.get_SchemaEntry() +35
   System.DirectoryServices.AccountManagement.ADStoreCtx.IsContainer(DirectoryEntry de) +47
   System.DirectoryServices.AccountManagement.ADStoreCtx..ctor(DirectoryEntry ctxBase, Boolean ownCtxBase, String username, String password, ContextOptions options) +116
   System.DirectoryServices.AccountManagement.PrincipalContext.CreateContextFromDirectoryEntry(DirectoryEntry entry) +143
   System.DirectoryServices.AccountManagement.PrincipalContext.DoLDAPDirectoryInit() +244

源错误:

Line 45:             PrincipalContext DC = new PrincipalContext(ContextType.Domain, "lm.lmig.com", "DC=lm,DC=lmig,DC=com,OU=LM Users");
Line 46:             UserPrincipal userSearch = new UserPrincipal(DC);
Line 47:             userSearch.SamAccountName = "(&(objectClass=user)(sam)";
Line 48:             PrincipalSearcher search = new PrincipalSearcher();
Line 49:             search.QueryFilter = userSearch;
4

1 回答 1

1

对我来说,在PrincipalContext构造函数中分配错误的值和分配给的值SamAccountName看起来很可疑,并且似乎是异常的可能原因。

DN 应包含反向顺序的路径,即,当 OU 和 DC 组件都存在时,应从 OU 或 CN 开始。此外,SamAccountName 值必须是有效的字符串值。

请尝试以下方法:

 PrincipalContext DC = new PrincipalContext(ContextType.Domain, 
        "lm.lmig.com", "OU=LM Users,DC=lm,DC=lmig,DC=com");
 userSearch.SamAccountName = sam; // assuming sam is an actual possible string value.
 // sAMAccountName must be a string value as shown above, and not a filter type.
 PrincipalSearcher search = new PrincipalSearcher();
 search.QueryFilter = userSearch;
 PrincipalSearchResult<Principal> res = search.FindAll();
于 2018-01-31T17:43:28.530 回答