问题描述

我使用一个控制台应用程序编写一些测试code：

I use a console application to write some test code:

    /// <summary>
    /// Returns AD information for a specified userID.
    /// </summary>
    /// <param name="ntID"></param>
    /// <returns></returns>
    public ADUser GetUser(string ntID)
    {
        DirectorySearcher search = new DirectorySearcher();
        search.Filter = String.Format("(cn={0})", ntID);

        search.PropertiesToLoad.Add("mail");
        search.PropertiesToLoad.Add("givenName");
        search.PropertiesToLoad.Add("sn");
        search.PropertiesToLoad.Add("displayName");
        search.PropertiesToLoad.Add("userPrincipalName");
        search.PropertiesToLoad.Add("cn");

        SearchResult result = search.FindOne();

        return new ADUser(result);
    }

这工作正常从控制台应用程序。然而，当我把它移到一个ASP.NET应用程序时，我收到一个错误信息，不知道正确的域。

And this worked fine from the console app. However, when I moved it to an ASP.NET application, I received an error message about not knowing the correct domain.

有一招就ASPNET帐户？

Is there a trick I am missing for accessing AD when running on the ASPNET account?

修改：传递只是一个LDAP：//域的连接字符串是不够的，因为它希望有一个实际的登录/密码。由于这种运行在一台机器上的本地帐户，我不知道是什么AD L / P使用。我可以委托接入用户占这个不知何故？

EDIT: Passing just a LDAP://domain connection string isn't enough, as it wants an actual login/password. Because this runs on a local account on a machine, I'm not sure what AD L/P to use. Can I delegate the accessing users account to this somehow?

编辑＃2 ：当试图用假冒的身份，我得到一个DirectoryServicesCOMException：

EDIT #2: When trying to use identity impersonation, I get a DirectoryServicesCOMException with:

推荐答案

您也可以尝试，包括在登录的域

You could also try including the domain in the login

adSharepointUsers = new DirectoryEntry("LDAP://MyDomain","MyDomain/ADUser","password");

这篇关于访问活动目录中的ASP.NET？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！