开发者

Active Directory issues using IIS7 in Windows Server 2008 R2

开发者 https://www.devze.com 2023-03-05 05:16 出处:网络
The web app I\'m working on uses both User ID\'s and Group ID\'s from Active Directory. That is, users can inherit access to some parts of the app (specifically reports) based on their membership in A

The web app I'm working on uses both User ID's and Group ID's from Active Directory. That is, users can inherit access to some parts of the app (specifically reports) based on their membership in AD Groups.

So, we're using the User's GUID and Group's GUID as a key in the database tracking access to features.

App is working fine in development environment (IIS7 running on Windows 7). But when I try to set the site up in my test environment (IIS7 running on Windows Server 2008 R2), I get the following error:

Unable to cast object of type 'System.DirectoryServices.AccountManagement.GroupPrincipal' to type 'System.DirectoryServices.AccountManagement.UserPrincipal'.

From the stack trace, it appears that the guilty code is:

public string UserGUID
{
     get
     {
    return UserPrincipal.Current.Guid.ToString();
     }
}

I'm also accessing GroupPrincipals in a method that fetches all the groups a specific User belongs to:

public ArrayList Get_UserGroupGUIDs(string username)
{
     ArrayList oList = new ArrayList();
     // "company" is the domain we would like to search in
     using ( PrincipalContext ctx = new PrincipalContext ( ContextType.Domain, "isidc.com" ) )
   开发者_开发问答  { 
    // get the user of that domain by his username, within the context
    using ( UserPrincipal up = UserPrincipal.FindByIdentity(ctx, IdentityType.SamAccountName, username))
    {
              if (up != null)
              {
                  // fetch the group list
                  using (PrincipalSearchResult<Principal> Groups = up.GetAuthorizationGroups())
                  {
                      foreach (GroupPrincipal g in Groups)
                      {
                          oList.Add(g.Guid.ToString());
                      } // end foreach
                  } // end using
              } // end if
    } // end using
    return oList;
} // end method Get_UserGroupGUIDs

Any ideas?

0

精彩评论

暂无评论...
验证码 换一张
取 消