问题描述
我正在尝试使用System.DirectoryServices.AccountManagement库来获取特定Active Directory用户的UserPrincipal.
I'm attempting to use the System.DirectoryServices.AccountManagement library to obtain the UserPrincipal for a particular Active Directory user.
我有以下代码:
PrincipalContext上下文=新的PrincipalContext(ContextType.Domain," DomainName");;
userPrincipal = UserPrincipal.FindByIdentity(上下文,IdentityType.SamAccountName,用户名);
PrincipalContext context = new PrincipalContext(ContextType.Domain, "DomainName");
userPrincipal = UserPrincipal.FindByIdentity(context, IdentityType.SamAccountName, username);
此代码以有效的域用户身份运行,但是当我执行该代码时,出现以下异常:
This code is running as a valid domain user, but when I execute it I get the following exception:
System.DirectoryServices.DirectoryServicesCOMException(0x8007052E):登录失败:用户名未知或密码错误.
System.DirectoryServices.DirectoryServicesCOMException (0x8007052E): Logon failure: unknown user name or bad password.
有趣的是,我可以使用相同的上下文进行以下调用,而不会出现问题:
What's interesting is that I can make the following call, using the same context, without a problem:
context.ValidateCredentials(用户名,密码,ContextOptions.Negotiate)
想法?
推荐答案
当前登录的用户是什么?它是该域的有效用户吗?
What's the current logged on user? Is it a valid user of that domain?
我们可能需要以有效的域用户身份运行代码,或者我们可以模拟为有效的域用户.这中的 CSImpersonateUser 项目多合一代码框架显示了如何模拟用户,希望它能对您有所帮助.
We may need to run the code as a valid domain user, or we can impersonate as a valid domain user. TheCSImpersonateUser project in All-In-One Code Framework shows how to impersonate a user, hope it can helps.
这篇关于UserPrincipal.FindByIdentity权限的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!