开发者

How to get the groups of a user in Active Directory?

问答 作者:

I use from this code:

   List<GroupPrincipal> result = new List<GroupPrincipal>();

   // establish domain context
   PrincipalContext MyDomain = new PrincipalContext(ContextType.Domain);

   // find your user
   UserPrincipal user = UserPrincipal.FindByIdentity(MyDomain , username);

   // if found - grab its groups
   if(user != null)
   {
      PrincipalSearchResult<Principal> groups = user.GetAuthorizationGroups();

      // iterate over 开发者_开发问答all groups
      foreach(Principal p in groups)
      {
         // make sure to add only group principals
         if(p is GroupPrincipal)
         {
             result.Add(p);
         }
      }
   }

but on this line ( user.GetAuthorizationGroups() ) I got an exception

This server is not operational

In a web environment:

System.Web.HttpContext.Current.Request.LogonUserIdentity.Groups

or in your context:

user.GetGroups()

MSDN

From what I remember, the exception can be caused by the fact that the domain name cannot be resolved with any available DNS. Make sure that it is and the exception goes away.

Check this if it can help you http://support.microsoft.com/kb/842789

Update :

Open Visual Studio As Administrator and then open your solution. then try again. I believe that your problem is because of application permition.

I've got exactly the same trouble when I run one of my program from a computer (dev computer) which does not belong to the domain I query for. I mean that I got the context, I got the UserPrincipal information and I've got the same error when I call GetGroups(). The same program run on the server itself works perfectly.

I tryed to manage to have my developpment computer directly configured with the domain DNS as first DNS, but it was the same.

I tryed to hard configure domain and DC adresses in hosts file but it was the same.

So I remote debug my program from a virtual machine which was in the domain.

I install my Active Directory again and my problem resolved...

One of the groups your trying to grab included in the GetGroups is an administrator group and requires special permission. Try setting a user/password in your context and use getGroups(context)

继续阅读:.netactive-directory

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9