This error is what I get if I run the application on the server, but not locally. Why is this happening on the server and not locally???
List<GroupPrincipal> result = new List<GroupPrincipal>();
// establish domain context
PrincipalContext yourDomain = new PrincipalContext(ContextType.Domain);
// find your user
UserPrincipal user = UserPrincipal.FindByIdentity(yourDomain, userName);
// if found - grab its groups
if (user != null)
{
//here happens the error on server.
PrincipalSearchResult<Principal> groups = user.GetAuthorizationGroups();
Please help me.
stack trace:
[PrincipalOperationException: While trying to retrieve the authorization groups, an error (5) occurred.] System.DirectoryServices.AccountManagement.AuthZSet..ctor(Byte[] userSid, NetCred credentials, ContextOptions contextOptions, String flatUserAuthority, StoreCtx userStoreCtx, Object userCtxBase) +317263 System.DirectoryServices.AccountManagement.ADStoreCtx.GetGroupsMemberOfAZ(Principal p) +441 System.DirectoryServices.AccountManagement.UserPrincipal.GetAuthorizationGroupsHelper() +78 System.DirectoryServices.AccountManagement.UserPrincipal.GetAuthorizationGroups() +11 IntegrationApp.App_Code.ActiveDir.GetGroups(String userName) in C:Documents and SettingsmtaMy DocumentsIntegrationAppIntegrationAppApp_Code3-TierDALActiveDir.cs:54 IntegrationApp.App_Code._3_Tier.BAL.DatabaseBAL.BepaalDefaultNiveau2(String melder) in C:Documents and SettingsmtaMy DocumentsIntegrationAppIntegrationAppApp_Code3-TierBALDatabaseBAL.cs:75 IntegrationApp.Detailscherm.VulLijsten() in C:Documents and SettingsmtaMy DocumentsIntegrationAppIntegrationAppDetailscherm.aspx.cs:89 IntegrationApp.Detailscherm.Page_Load(Object sender, EventArgs e) in C:Documents and SettingsmtaMy DocumentsIntegrationAppIntegrationAppDetailscherm.aspx.cs:30 System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +25 System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender, EventArgs e) +42 System.Web.UI.Control.OnLoad(EventArgs e) +132 System.Web.UI.Control.LoadRecursive() +66 System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +2428
Answers:
Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.
Method 1
I found another solution to get access to the GROUPS:
PrincipalSearchResult<Principal> groups = user.GetGroups();
Method 2
Under what identity is your process running on the server? Most likely, that user does not have the correct rights to access your Active Directory.
Can you test if it works with this constructor of PrincipalContext?
PrincipalContext yourDomain = new PrincipalContext(ContextType.Domain, "MY.DOMAIN.HERE", "USERNAME", "PASSWORD");
If that works, you probably want to create a dedicated domain user for your app to run under.
Method 3
I found that membership in the Windows Authorization Access Group is required to execute GetAuthorizationGroups.
See the following article:
http://support.microsoft.com/kb/331951
Method 4
Just a guess, but it sounds like an issue with the trust levels. See if the info contained here helps:
- http://msdn.microsoft.com/en-us/library/ff648243.aspx
- http://www.csharp411.com/executing-code-in-partial-trust-environments/
Are you running it as an administrator on your box and a more limited account on the server?
If so, I would try running it at full trust on the server (if you can) to see if the problem goes away.
All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0