
Getting UserPrincipal with Windows authentication and anonymous authentication on

The following code only works while only Windows Authentication is enabled in IIS for local users on our network.

using (PrincipalContext ctx = new PrincipalContext(ContextType.Domain))
{
     UserPrincipal up = UserPrincipal.FindByIdentity(ctx, userName);
     return up;
}

Otherwise it throws this exception:

[ArgumentException: The (&(objectCategory=user)(objectClass=user)(|(userPrincipalName=)(distinguishedName=)(name=))) search filter is invalid.]
   System.DirectoryServices.ResultsEnumerator.MoveNext() +434305
   System.DirectoryServices.SearchResultCollection.get_InnerList() +282
   System.DirectoryServices.SearchResultCollection.get_Count() +9
   System.DirectoryServices.AccountManagement.ADStoreCtx.FindPrincipalByIdentRefHelper(Type principalType, String urnScheme, String urnValue, DateTime referenceDate, Boolean useSidHistory) +1898
   System.DirectoryServices.AccountManagement.ADStoreCtx.FindPrincipalByIdentRef(Type principalType, String urnScheme, String urnValue, DateTime referenceDate) +85
   System.DirectoryServices.AccountManagement.Principal.FindByIdentityWithTypeHelper(PrincipalContext context, Type principalType, Nullable`1 identityType, String identityValue, DateTime refDate) +211
   System.DirectoryServices.AccountManagement.UserPrincipal.FindByIdentity(PrincipalContext context, String identityValue) +95
   WebApplication1.Index.GetUserPrincipal(String userName) in C:\Users\xxx\Documents\Visual Studio 2010\Projects\WebApplication1\WebApplication1\Index.aspx.cs:38
   WebApplication1.Index.Page_Load(Object sender, EventArgs e) in C:\Users\xxx\Documents\Visual Studio 2010\Projects\WebApplication1\WebApplication1\Index.aspx.cs:19
   System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +25
   System.Web.UI.Control.LoadRecursive() +71
   System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +3064

Is there any way of getting this to work for getting our local users' UserPrincipal while Windows and Anonymous authentication are both turned on?

userName must be an empty string (or otherwise consist entirely of whitespace), and apparently it is not validated by FindByIdentity.

Not sure how you got FindByIdentity to work, as I thought one is required to specify the identity type as well? i.e.:

UserPrincipal up = UserPrincipal.FindByIdentity(ctx, IdentityType.SamAccountName, userName);

Either way, impersonation might work if you force it. Thus before that code snippet use the following:

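// This will impersonate the logged in user in order to get whichever username you require GIVEN the logged in user has AD read/querying rights.
// Disposing the impersonation context reverts the thread to its original identity when the lookup is done.
using (System.Security.Principal.WindowsImpersonationContext impersonation =
           System.Web.HttpContext.Current.Request.LogonUserIdentity.Impersonate())
using (PrincipalContext ctx = new PrincipalContext(ContextType.Domain))
{
    UserPrincipal up = UserPrincipal.FindByIdentity(ctx, userName);
    return up;
}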
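The guard implied by the first answer, combined with the explicit identity type from the second, as an added example that is not code from the original posts. `DirectoryLookup`, `FindCurrentUser` and `FindUser` are hypothetical names, and the sketch assumes the user lives in the domain the caller's `PrincipalContext` is bound to.

```csharp
using System;
using System.DirectoryServices.AccountManagement;
using System.Security.Principal;
using System.Web;

// Hypothetical helper class (not from the original posts).
public static class DirectoryLookup
{
    // Returns null for anonymous requests instead of letting an empty
    // name reach the directory search. The caller owns and disposes ctx,
    // so the returned principal is never used after its context is gone.
    public static UserPrincipal FindCurrentUser(PrincipalContext ctx, HttpContext http)
    {
        IIdentity identity = http.User != null ? http.User.Identity : null;

        // With Anonymous authentication also enabled, IIS serves the request
        // anonymously unless access is denied, so Identity.Name can be "".
        if (identity == null || !identity.IsAuthenticated)
            return null;

        return FindUser(ctx, identity.Name);
    }

    public static UserPrincipal FindUser(PrincipalContext ctx, string userName)
    {
        if (ctx == null)
            throw new ArgumentNullException("ctx");

        // Windows authentication reports DOMAIN\user; keep the account part.
        // Assumption: the account is in the domain that ctx is bound to.
        string account = userName ?? string.Empty;
        int slash = account.IndexOf('\\');
        if (slash >= 0)
            account = account.Substring(slash + 1);

        // An empty or whitespace-only value is what left the
        // (userPrincipalName=)(distinguishedName=)(name=) terms blank in the
        // search filter from the exception, so reject it before querying.
        if (string.IsNullOrWhiteSpace(account))
            throw new ArgumentException("User name is empty.", "userName");

        // Explicit identity type: match on sAMAccountName only.
        return UserPrincipal.FindByIdentity(ctx, IdentityType.SamAccountName, account);
    }
}
```

A page would call `FindCurrentUser` inside its own `using (PrincipalContext ctx = new PrincipalContext(ContextType.Domain))` block and treat a `null` result as "anonymous visitor".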
