How can I get tokenGroups from active directory on Windows Server 2003?

I'm trying to load tokenGroups from Active Directory but it isn't working once deployed to a Windows Server (2003). I cannot figure out why, since it works fine locally...

Here is my error:

There is no such object on the server.

And here is my code (the sid variable is the current users SecurityIdentifier pulled from HttpContext):

DirectoryEntry userDE = new DirectoryEntry(string.Format("LDAP://<SID={0}>", sid.Value))
userDE.RefreshCache(new[] { "tokenGroups" });

var tokenGroups = userDE.Properties["tokenGroups"] as CollectionBase;
groups = tokenGroups.Cast<byte开发者_StackOverflow社区[]>()
    .Select(sid => new SecurityIdentifier(sid, 0)).ToArray();

Any ideas why I would get that error?

UPDATE: The error actually happens on the RefreshCache line

Do you have a valid value for userDE after the constructor call?? Does that user really exist? Or do you need to provide e.g. a server to use in your LDAP path??

The error message No such object on server seems to indicate the user just plain doesn't exist.... (or cannot be found, due to e.g. permissions)

Try this - not sure if that's the problem, but it's worth a try - it should work:

DirectoryEntry userDE = new DirectoryEntry(string.Format("LDAP://<SID={0}>", sid.Value))
userDE.RefreshCache(new string[] { "tokenGroups" });

Try using new string[] instead of just new[].