Active Directory,枚举用户组,COM 异常

时间:2023-02-18
本文介绍了Active Directory,枚举用户组,COM 异常的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

在通过 AD .NET API 枚举当前用户组时,我有时会得到

COMException: 未知错误 (0x80005000)

这是我的代码:

 var userName = Environment.UserName;var context = new PrincipalContext(ContextType.Domain);var user = UserPrincipal.FindByIdentity(context, userName);foreach (var userGroup in user.GetGroups()){Console.WriteLine(userGroup.Name);}

有什么问题吗?我以为每个用户都可以检索 HIS 组的列表?这似乎是奇怪的行为,有时可以像这样重现:在userA"PC 上运行时,它崩溃了,但它正在成功枚举其他userB"组(在用户A')!

解决方案

尝试使用

var context = new PrincipalContext(ContextType.Domain, "yourcompany.com", "DC=yourcompany,DC=com", ContextOptions.Negotiate);

将 ContextOption 设置为 Negotioate 后,客户端使用 Kerberos 或 NTLM 进行身份验证,因此即使未提供用户名和密码,帐户管理 API 也会使用调用线程的安全上下文绑定到对象.

while enumerating current user's groups through AD .NET API I sometimes get

COMException: Unknown error (0x80005000)

Here's my code :

        var userName = Environment.UserName;

        var context = new PrincipalContext(ContextType.Domain);
        var user = UserPrincipal.FindByIdentity(context, userName);

        foreach (var userGroup in user.GetGroups())
        {
            Console.WriteLine(userGroup.Name);
        }

What's the problem? I thought every user can retrieve list of HIS groups?It seems to be strange behavior, sometimes It can be reproduced like this : when running on 'userA' PC, It crashes, but it is enumerating OTHER 'userB' groups successfully (under 'userA')!

解决方案

Try using

var context = new PrincipalContext(ContextType.Domain, "yourcompany.com", "DC=yourcompany,DC=com", ContextOptions.Negotiate);

With the ContextOption set to Negotioate the client is authenticated by using either Kerberos or NTLM so even if the user name and password are not provided the account management API binds to the object by using the security context of the calling thread.

这篇关于Active Directory,枚举用户组,COM 异常的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持html5模板网!

上一篇:使用 Azure Active Directory 对用户进行身份验证后执 下一篇:LDAP 的连接字符串是什么?

相关文章

最新文章