InteropServices.COMException

0

I have a problem with an MVC proyect I have.

The stack is the following:

System.Runtime.InteropServices.COMException (0x80005000): Unknown error (0x80005000) at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail) at System.DirectoryServices.DirectoryEntry.Bind() at System.DirectoryServices.DirectoryEntry.get_Name() at PosmanWeb2.Controllers.Helpers.SessionHelpers.GetGroup(SearchResult result) at PosmanWeb2.Controllers.Helpers.SessionHelpers.GetPerfilAD(SearchResult result) at PosmanWeb2.Controllers.Helpers.SessionHelpers.GetUser() at PosmanWeb2.Controllers.Helpers.SessionHelpers.ConnectActiveDirectory()

The Methods on SessionHelpers are part of the proyect, the last one seems to be having problems, the code is the following:

private static List<string> GetGroup(SearchResult result)
{
    List<string> nombresPerfilAD = new List<string>();

    foreach (var i in result.Properties["memberOf"])
    {
        var group = new DirectoryEntry(@"LDAP://" + i);      
        nombresPerfilAD.Add(group.Name.Split('=')[1].ToUpper().Trim());             
    }

    return nombresPerfilAD;
}  

What it basically does is save all the Active Directory profiles on a list.

One user in particular did not have this problem what another two have this exact problem.

I saw on other threads that it could be related to permission problems, but Im not 100% sure where to look.

c#
asp.net-mvc
active-directory
asked on Stack Overflow Oct 13, 2016 by user3442470

1 Answer

2

A good solution in the current scope is not to bind to Active Directory. result.Properties["memberOf"] already contains group DN. You can get name from it without connecting to AD using IADsPathName interface (need to add a reference to ActiveDs com object). Also you can unescape special chars using this interface. E. g. if you group name is #Test it will be returned as escaped like \#Test. Thus you will solve your issue, increase performance and deal with characters escaping if you rewrite your method in the following way:

    private static List<string> GetGroup(SearchResult result)
    {
        List<string> nombresPerfilAD = new List<string>();
        IADsPathname pathname = new PathnameClass();
        pathname.SetDisplayType(2);
        pathname.EscapedMode = 4;

        foreach (string groupDn in result.Properties["memberOf"])
        {
            pathname.Set(groupDn, 4);
            nombresPerfilAD.Add(pathname.GetElement(0).ToUpper());
        }

        return nombresPerfilAD;
    }

It seems like binding instead of splitting by comma was made to avoid situations, when a group contains comma in its name. But what if group name contains "=" character? Old code will not work

P.S. If you use .NET 4 you need to set Embed Interop Types to false in ActiveDs properties (in project references)

P.P.S. Be aware, that memberOf attribute does not contain nested groups (userA -> groupA, groupA -> groupB => userA -> groupB) and user's primary group

answered on Stack Overflow Oct 13, 2016 by oldovets • edited Oct 14, 2016 by oldovets

User contributions licensed under CC BY-SA 3.0