Is it possible to retrieve data from Active Directory, posing as an authenticated Windows user in ASP.NET?

I have been trying to solve this problem all day, and I read some conflicting information in the standard answers on the Google message board.

What I'm trying to do is get the email address of the domain (i.e. the current user) from Active Directory. My ASP.NET 4 website is configured for Windows authentication and everything works fine until it calls Active Directory.

When I do the following, I get a COMException on the searcher.FindAll() line. Exception message: "An operational error has occurred" (a very useful message, huh?) (Code removed for readability)

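// Requires: using System.DirectoryServices; using System.Security.Principal; using System.Web;
// Identity of the Windows-authenticated caller of the current request.
WindowsIdentity winId = (WindowsIdentity)HttpContext.Current.User.Identity;

// Disposing the impersonation context reverts the thread to the original identity.
using (WindowsImpersonationContext wic = winId.Impersonate())
using (DirectoryEntry root = new DirectoryEntry(rootQuery))
using (DirectorySearcher searcher = new DirectorySearcher(root))
{
    String userQuery = GetUserQuery();
    searcher.SearchScope = SearchScope.Subtree;
    searcher.Filter = userQuery;

    // The COMException is thrown by this call.
    using (SearchResultCollection results = searcher.FindAll())
    {
        return (results[0].Properties["proxyaddresses"][0]).ToString();
    }
}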

, , . , , , DirectoryEntry. , , -.

, , , , ? AD?

dev IIS5, , , IIS6.


rootQuery = @"LDAP://{0}.com/DC={0}, DC=com";
userQuery = @"(&(samAccountName={0})(objectCategory=person)(objectClass=user))";


+5
5

( ). , , IIS ( WindowsXP ) . , , , .

, , . , , web.config : <identity impersonate="true" userName="DOMAIN\ServiceAccount" password="password"/>.

+5

@Patricker , . , , . Kerberos -, , NTLM [1]. , ( - ).

+2

rootQuery userQuery?

+1

Don't you think this is related to Troubleshooting Authentication on ASP Pages?

+1

I also noticed that the path to finding LDAP code looks very expensive. You can query LDAP using the SID search, which can be found in the attached link.

0
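
The SID-based lookup suggested in the last answer, as an added example that is not code from the original page or from the link it mentions: the filter is built from the objectSid of the caller's WindowsIdentity, so no user name string is formatted into the LDAP filter. It changes only how the user is located, not the credentials the directory bind runs under. The class and method names are hypothetical, and rootPath is assumed to be the question's rootQuery after formatting.

```csharp
using System;
using System.DirectoryServices;
using System.Security.Principal;
using System.Text;

public static class AdSidLookup   // hypothetical helper, not from the page
{
    // Encode a SID as an LDAP filter value: every byte becomes \XX,
    // the binary-value escaping defined for LDAP search filters (RFC 4515).
    public static string ToLdapFilterValue(SecurityIdentifier sid)
    {
        byte[] bytes = new byte[sid.BinaryLength];
        sid.GetBinaryForm(bytes, 0);

        StringBuilder sb = new StringBuilder(bytes.Length * 3);
        foreach (byte b in bytes)
        {
            sb.Append('\\').Append(b.ToString("X2"));
        }
        return sb.ToString();
    }

    // Returns the first proxyAddresses value of the user behind the identity,
    // or null when the user object or the attribute is not found.
    public static string FindFirstProxyAddress(string rootPath, WindowsIdentity identity)
    {
        if (identity == null || identity.User == null)
        {
            return null; // anonymous request: there is no SID to search for
        }

        string filter = "(&(objectCategory=person)(objectClass=user)(objectSid="
                        + ToLdapFilterValue(identity.User) + "))";

        using (DirectoryEntry root = new DirectoryEntry(rootPath))
        using (DirectorySearcher searcher = new DirectorySearcher(root, filter))
        {
            searcher.SearchScope = SearchScope.Subtree;
            searcher.PropertiesToLoad.Add("proxyAddresses"); // fetch only what is needed

            SearchResult result = searcher.FindOne();
            if (result == null || result.Properties["proxyAddresses"].Count == 0)
            {
                return null; // no match, or the user has no proxy addresses
            }
            return result.Properties["proxyAddresses"][0].ToString();
        }
    }
}
```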