UserPrincipal.FindByIdentity succeeds on one server but not another

-1

I have been tasked with migrating some C# v4 apps from one server to another, and I have hit an issue with one of the aspx forms.

The form has a call to a class to search for an AD user in its code-behind file. The method it calls is below.

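    public UserPrincipal GetADUser(string samAccountName)
    {
        try
        {
            // Look the account up in the shared domain context.
            UserPrincipal user = UserPrincipal.FindByIdentity(AD.domainContext, samAccountName);
            return user;
        }
        catch (Exception ex)
        {
            // Keep the original exception as InnerException so the underlying error is not lost.
            throw new Exception(" Cant perform this operation:-" + ex.Message, ex);
        }
    }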

AD.domainContext is defined below:

    private static PrincipalContext domainContext = new PrincipalContext(ContextType.Domain, ConfigurationHandler._ADDomain);

My problem is that the method works on 2 of my servers (VS Dev and the server currently running the code that I'm migrating from) and throws an exception on the server I'm trying to migrate to. All the servers are identical environments: Windows Server 2k8 R2 running IIS 7.5.

The error that is being thrown is:

    Cant perform this operation:-An operations error occurred.

I have had a search and found the following Stack Overflow issues, but none seem to resolve the issue:

System.DirectoryServices.AccountManagement.PrincipalContext and Impersonation in a WCF service

Active Directory COM Exception - An operations error occurred (0x80072020)

Does anyone have any idea what would be causing this error to be thrown on one environment and not any other?

I have tried to debug the code and it works fine in VS debug; however, when the code is deployed to the said server is when I get the issue.

Any help, thoughts, ideas would be much appreciated.

If I have forgotten to include anything, I am happy to elaborate on any of the information provided.

Thanks in advance

Nicholas

c#
asp.net
active-directory
asked on Stack Overflow Jun 28, 2012 by Nicholas King • edited May 23, 2017 by Community

1 Answer

1

For anyone else who faces a similar issue, the solution seems to be that a username and password need to be supplied to query AD, unless you have user impersonation switched on in IIS.

Simply amending my method with the following solved the issue:

    private static PrincipalContext domainContext = new PrincipalContext(ContextType.Domain, null, ConfigurationHandler._ADDomain, ConfigurationHandler._ADUser, ConfigurationHandler._ADPassword);

Thanks

Nicholas

answered on Stack Overflow Jun 28, 2012 by Nicholas King
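
An added example, not code from the question or the answer: a per-call lookup that binds with explicit service-account credentials over a signed and sealed Negotiate bind, and logs the Windows identity the request runs as so the servers can be compared. The `AdLookup` class and its parameters are hypothetical, and passing the domain as the `name` argument is an assumption about what `_ADDomain` holds.

```csharp
using System;
using System.Diagnostics;
using System.DirectoryServices.AccountManagement;
using System.Security.Principal;

// Added example; class, field and parameter names are hypothetical.
public sealed class AdLookup
{
    private readonly string _domain, _user, _password;

    public AdLookup(string domain, string user, string password)
    {
        _domain = domain; _user = user; _password = password;
    }

    // Returns the user's distinguished name, or null if no such account exists.
    public string FindDistinguishedName(string samAccountName)
    {
        // The Windows identity this request runs as: the app pool account, or the
        // impersonated user when IIS impersonation is on. Compare it across servers.
        string runningAs = WindowsIdentity.GetCurrent().Name;
        try
        {
            // Negotiate + Signing + Sealing: Kerberos/NTLM bind with the LDAP
            // traffic signed and encrypted, rather than a simple bind.
            var options = ContextOptions.Negotiate | ContextOptions.Signing | ContextOptions.Sealing;
            using (var ctx = new PrincipalContext(ContextType.Domain, _domain, null, options, _user, _password))
            using (var user = UserPrincipal.FindByIdentity(ctx, IdentityType.SamAccountName, samAccountName))
            {
                // Read what is needed before the context is disposed.
                return user == null ? null : user.DistinguishedName;
            }
        }
        catch (Exception ex)
        {
            // Log the identity server-side; keep it out of the message shown to users.
            Trace.TraceError("AD lookup failed (running as {0}): {1}", runningAs, ex);
            throw new InvalidOperationException("Can't perform this operation: " + ex.Message, ex);
        }
    }
}
```

Creating the context per call also avoids sharing one `PrincipalContext` instance across concurrent requests, since its instance members are not documented as thread safe.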

User contributions licensed under CC BY-SA 3.0