UserPrincipal.FindByIdentity权限 [英] UserPrincipal.FindByIdentity Permissions

问题描述

我正在尝试使用System.DirectoryServices.AccountManagement库来获取特定Active Directory用户的UserPrincipal.

I'm attempting to use the System.DirectoryServices.AccountManagement library to obtain the UserPrincipal for a particular Active Directory user.

我有以下代码:

PrincipalContext上下文=新的PrincipalContext(ContextType.Domain，" DomainName");;
userPrincipal = UserPrincipal.FindByIdentity(上下文，IdentityType.SamAccountName，用户名);

PrincipalContext context = new PrincipalContext(ContextType.Domain, "DomainName");
userPrincipal = UserPrincipal.FindByIdentity(context, IdentityType.SamAccountName, username);

此代码以有效的域用户身份运行，但是当我执行该代码时，出现以下异常:

This code is running as a valid domain user, but when I execute it I get the following exception:

System.DirectoryServices.DirectoryServicesCOMException(0x8007052E):登录失败:用户名未知或密码错误.

System.DirectoryServices.DirectoryServicesCOMException (0x8007052E): Logon failure: unknown user name or bad password.

有趣的是，我可以使用相同的上下文进行以下调用，而不会出现问题:

What's interesting is that I can make the following call, using the same context, without a problem:

context.ValidateCredentials(用户名，密码，ContextOptions.Negotiate)

想法?

推荐答案

 

 

Hi,

 

当前登录的用户是什么?它是该域的有效用户吗?

What's the current logged on user? Is it a valid user of that domain?

 

我们可能需要以有效的域用户身份运行代码，或者我们可以模拟为有效的域用户.这 中的 CSImpersonateUser 项目 多合一代码框架显示了如何模拟用户，希望它能对您有所帮助.

We may need to run the code as a valid domain user, or we can impersonate as a valid domain user. The CSImpersonateUser project in All-In-One Code Framework shows how to impersonate a user, hope it can helps.

这篇关于UserPrincipal.FindByIdentity权限的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！