C＃Active Directory主体上下文权限

Question

I've been searching for an answer and can't seem to find one, but maybe I missed it. I have a WPF application and I use PrincipalContext to connect to MS AD. My development machine is not domain joined and I can connect no problem. However, on our terminal server, my application can only connect if the currently logged in user is in the Domain Admins group, even though I am passing valid credentials to the PrincipalContext constructor. I have tried using my account, a 'service' account, and even the Administrator account.

I have this working on my development machine but not on our terminal server:

PrincipalContext pc = new PrincipalContext(ContextType.Domain, "DC.mydomain.com", null, ContextOptions.SimpleBind | ContextOptions.ServerBind, Username, Password);

On the terminal server, it throws an exception. The message is "The connection cannot be established". Upon further investigation I found that LDAP is returning an error code of 91, which I have looked up as well, but I still cannot seem to get it to connect. I must have tried passing every combination of parameters to PrincipalContext.

Edit:

I've been playing with it some more. I can't get PrincipalContextor LdapConnection to connect on the terminal server, but they both work on my development machine. The only thing that will connect is DirectoryEntry. Maybe that will provide more clues?

Any suggestions?

Answer 1

I managed to figure it out. It was some sort of permissions issue on the folder I was running the application from. Hope this can help someone in the future.