Active Directory COM 异常 - 发生操作错误 (0x80072020) [英] Active Directory COM Exception - An operations error occurred (0x80072020)
问题描述
当我尝试使用 GroupPrincipal.FindByIdentity
I am getting an intermittent COM Exception "An operations error occurred (0x80072020)" (shown below) when I try and query Active Directory using the method GroupPrincipal.FindByIdentity
这是我的代码:
PrincipalContext ctx = new PrincipalContext(ContextType.Domain, Environment.UserDomainName);
GroupPrincipal groupPrincipal = GroupPrincipal.FindByIdentity(ctx, IdentityType.Name, "Group to find");
我收到异常:
Inner Exception: System.Runtime.InteropServices.COMException (0x80072020): An operations error occurred.
at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
at System.DirectoryServices.DirectoryEntry.Bind()
at System.DirectoryServices.DirectoryEntry.get_AdsObject()
at System.DirectoryServices.PropertyValueCollection.PopulateList()
at System.DirectoryServices.PropertyValueCollection..ctor(DirectoryEntry entry, String propertyName)
at System.DirectoryServices.PropertyCollection.get_Item(String propertyName)
at System.DirectoryServices.AccountManagement.PrincipalContext.DoLDAPDirectoryInitNoContainer()
at System.DirectoryServices.AccountManagement.PrincipalContext.DoDomainInit()
at System.DirectoryServices.AccountManagement.PrincipalContext.Initialize()
at System.DirectoryServices.AccountManagement.PrincipalContext.get_QueryCtx()
at System.DirectoryServices.AccountManagement.Principal.FindByIdentityWithTypeHelper(PrincipalContext context, Type principalType, Nullable`1 identityType, String identityValue, DateTime refDate)
at System.DirectoryServices.AccountManagement.Principal.FindByIdentityWithType(PrincipalContext context, Type principalType, IdentityType identityType, String identityValue)
at System.DirectoryServices.AccountManagement.GroupPrincipal.FindByIdentity(PrincipalContext context, IdentityType identityType, String identityValue)
代码从 Windows 2003 SP2 服务器上的 Windows 服务运行.
我发现了另一个堆栈溢出问题,Active Directory,枚举用户组,COM 异常,建议启用 Kerberos 作为 PrincipalContext 构造函数中的一个选项将解决此问题,但我收到的十六进制代码与不同这个问题.
I have found another Stack Overflow question, Active Directory, enumerating user's groups, COM exception, suggesting that enabling Kerberos as an option in the PrincipalContext constructor will fix this problem but I am receiving a different hex code than in this question.
我的问题是:
- 这个特定的 COM 异常绝对是身份验证问题吗?在发布软件之前,我需要确保这将 100% 解决问题.
- 某处是否有资源列出所有可能的 COM 异常十六进制代码,以便我将来可以更好地帮助自己?
推荐答案
我现在找到了另一个答案 无法在 Dynamics CRM 中添加具有 CrmService API 的用户,其中指出 0x80072020 确实是权限问题.我已将我的服务更改为在域级别帐户而不是本地系统帐户下运行,这似乎解决了我的问题.
I've now found another answer Unable to add user with CrmService API in Dynamics CRM which states that 0x80072020 is indeed a permission issue. I have changed my service to run under a domain level account instead of the local system account and this seems to have cured my problem.
这篇关于Active Directory COM 异常 - 发生操作错误 (0x80072020)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
