问题描述

在通过 AD .NET API 枚举当前用户组时，我有时会得到

COMException: 未知错误 (0x80005000)

这是我的代码:

 var userName = Environment.UserName;var context = new PrincipalContext(ContextType.Domain);var user = UserPrincipal.FindByIdentity(context, userName);foreach (var userGroup in user.GetGroups()){Console.WriteLine(userGroup.Name);}

有什么问题吗?我以为每个用户都可以检索 HIS 组的列表?这似乎是奇怪的行为，有时可以像这样重现:在userA"PC 上运行时，它崩溃了，但它正在成功枚举其他userB"组(在用户A')！

尝试使用

var context = new PrincipalContext(ContextType.Domain, "yourcompany.com", "DC=yourcompany,DC=com", ContextOptions.Negotiate);

将 ContextOption 设置为 Negotioate 后，客户端使用 Kerberos 或 NTLM 进行身份验证，因此即使未提供用户名和密码，帐户管理 API 也会使用调用线程的安全上下文绑定到对象.

while enumerating current user's groups through AD .NET API I sometimes get

COMException: Unknown error (0x80005000)

Here's my code :

        var userName = Environment.UserName;

        var context = new PrincipalContext(ContextType.Domain);
        var user = UserPrincipal.FindByIdentity(context, userName);

        foreach (var userGroup in user.GetGroups())
        {
            Console.WriteLine(userGroup.Name);
        }

What's the problem? I thought every user can retrieve list of HIS groups?It seems to be strange behavior, sometimes It can be reproduced like this : when running on 'userA' PC, It crashes, but it is enumerating OTHER 'userB' groups successfully (under 'userA')!

Try using

var context = new PrincipalContext(ContextType.Domain, "yourcompany.com", "DC=yourcompany,DC=com", ContextOptions.Negotiate);

With the ContextOption set to Negotioate the client is authenticated by using either Kerberos or NTLM so even if the user name and password are not provided the account management API binds to the object by using the security context of the calling thread.

这篇关于Active Directory，枚举用户组，COM 异常的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持跟版网！