c# - Dotnet core 2.2 / IIS - AD 访问问题
问题描述
我目前正在处理的应用程序存在问题,希望你们中的一些人能够帮助我。
我正在尝试从 AD 获取有关登录用户(通过 Windows 身份验证)的一些信息。
using (var context = new PrincipalContext(ContextType.Domain))
{
var user = UserPrincipal.FindByIdentity(context, loginName);
if (user == null) return new List<string>();
var groups = user.GetGroups();
return groups.Select(x => x.SamAccountName).ToList();
}
只要我使用池标识ApplicationPoolIdentity ,它就可以工作。但是,如果我尝试使用服务帐户来处理池(具有类似权限),则 GetGroups 方法会引发以下错误:
"ClassName": "System.DirectoryServices.ActiveDirectory.ActiveDirectoryOperationException",
"Message": "Une erreur locale s’est produite",
"Data": null,
"InnerException": {
"ClassName": "System.DirectoryServices.DirectoryServicesCOMException",
"Message": "Une erreur locale s’est produite",
"Data": null,
"InnerException": null,
"HelpURL": null,
"StackTraceString": " at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)\r\n at System.DirectoryServices.PropertyValueCollection.PopulateList()\r\n at System.DirectoryServices.PropertyValueCollection..ctor(DirectoryEntry entry, String propertyName)\r\n at System.DirectoryServices.PropertyCollection.get_Item(String propertyName)\r\n at System.DirectoryServices.ActiveDirectory.PropertyManager.GetPropertyValue(DirectoryContext context, DirectoryEntry directoryEntry, String propertyName)",
"RemoteStackTraceString": null,
"RemoteStackIndex": 0,
"ExceptionMethod": null,
"HResult": -2147016645,
"Source": "System.DirectoryServices",
"WatsonBuckets": null
},
"HelpURL": null,
"StackTraceString": " at System.DirectoryServices.ActiveDirectory.PropertyManager.GetPropertyValue(DirectoryContext context, DirectoryEntry directoryEntry, String propertyName)\r\n at System.DirectoryServices.ActiveDirectory.Forest.GetForest(DirectoryContext context)\r\n at System.DirectoryServices.AccountManagement.ADStoreCtx.GetGroupsMemberOf(Principal p)\r\n at System.DirectoryServices.AccountManagement.Principal.GetGroupsHelper()\r\n at OGF.Home.Services.UserService.GetGroupsByLogin(String loginName) in C:\\Users\\alcide\\Sources\\OGF.Home\\OGF.Home.Services\\UserService.cs:line 162\r\n at OGF.Home.Services.UserService.GetAdRoleByLogin(String loginName) in C:\\Users\\alcide\\Sources\\OGF.Home\\OGF.Home.Services\\UserService.cs:line 144\r\n at OGF.Home.Services.UserService.GetAuthenticatedUser(String login) in C:\\Users\\alcide\\Sources\\OGF.Home\\OGF.Home.Services\\UserService.cs:line 127\r\n at OGF.Home.WebApi.Controllers.AuthController.Authenticate() in C:\\Users\\alcide\\Sources\\OGF.Home\\OGF.Home.WebApi\\Controllers\\AuthController.cs:line 53\r\n at Microsoft.AspNetCore.Mvc.Internal.ActionMethodExecutor.TaskOfIActionResultExecutor.Execute(IActionResultTypeMapper mapper, ObjectMethodExecutor executor, Object controller, Object[] arguments)\r\n at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.InvokeActionMethodAsync()\r\n at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.InvokeNextActionFilterAsync()\r\n at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.Rethrow(ActionExecutedContext context)\r\n at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)\r\n at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.InvokeInnerFilterAsync()\r\n at Microsoft.AspNetCore.Mvc.Internal.ResourceInvoker.InvokeNextResourceFilter()\r\n at Microsoft.AspNetCore.Mvc.Internal.ResourceInvoker.Rethrow(ResourceExecutedContext context)\r\n at Microsoft.AspNetCore.Mvc.Internal.ResourceInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)\r\n at Microsoft.AspNetCore.Mvc.Internal.ResourceInvoker.InvokeFilterPipelineAsync()\r\n at Microsoft.AspNetCore.Mvc.Internal.ResourceInvoker.InvokeAsync()\r\n at Microsoft.AspNetCore.Routing.EndpointMiddleware.Invoke(HttpContext httpContext)\r\n at Microsoft.AspNetCore.Routing.EndpointRoutingMiddleware.Invoke(HttpContext httpContext)\r\n at Microsoft.AspNetCore.Builder.RouterMiddleware.Invoke(HttpContext httpContext)\r\n at Microsoft.AspNetCore.Builder.Extensions.MapMiddleware.Invoke(HttpContext context)\r\n at Microsoft.AspNetCore.Builder.Extensions.MapWhenMiddleware.Invoke(HttpContext context)\r\n at Microsoft.AspNetCore.StaticFiles.StaticFileMiddleware.Invoke(HttpContext context)\r\n at Swashbuckle.AspNetCore.SwaggerUI.SwaggerUIMiddleware.Invoke(HttpContext httpContext)\r\n at Swashbuckle.AspNetCore.Swagger.SwaggerMiddleware.Invoke(HttpContext httpContext, ISwaggerProvider swaggerProvider)\r\n at OGF.Home.WebApi.Middleware.ExceptionMiddleware.InvokeAsync(HttpContext httpContext) in C:\\Users\\alcide\\Sources\\OGF.Home\\OGF.Home.WebApi\\Middleware\\ExceptionMiddleware.cs:line 27",
"RemoteStackTraceString": null,
"RemoteStackIndex": 0,
"ExceptionMethod": null,
"HResult": -2146233088,
"Source": "System.DirectoryServices",
"WatsonBuckets": null
我正在使用 dotnet core 2.2,并且应用程序托管在 IIS 7.5 上
解决方案
推荐阅读
- python - How web scrape with request, Bs4 when there is a script result?
- azure - 立即/强制 Azure 文件同步
- r - Adding points, symbols, and legends to ggplot
- python - PyCharm 控制台不在同一行打印,但在调试控制台中打印
- javascript - 如果 div 为空,Eslint airbnb 会强制执行自关闭 div 标签。如何禁用此规则?
- javascript - 没有通过 AJAX 获得 laravel 验证的确切错误消息
- javascript - 将 Node.js 中间件传递给自定义函数
- typeerror - error in elm-lang `(==) is expecting the right side to be a:`
- linkedin - Linkedin API 是否提供了一种从我们公司的个人资料中获取最新更新的方法
- google-app-engine - 如何为 GCP VM 实例启用 SSL 连接(Mautic)