I have an asp.net MVC application that is configured to use Windows Authentication. I am trying to get groups from UserPrincipal using this.
UserPrincipal.Current.GetGroups()
This works great when working with Visual Studio, but fails when hosting in IIS. The application pool is configured for the integrated pipeline and network service identifier. Throws below error:
Cannot pass an object of type "System.DirectoryServices.AccountManagement.GroupPrincipal" to enter "System.DirectoryServices.AccountManagement.UserPrincipal".
I tried to impersonate the code
WindowsIdentity identity = (WindowsIdentity)HttpContext.Current.User.Identity;
using (WindowsImpersonationContext wic = identity.Impersonate())
{
PrincipalContext context = new PrincipalContext(ContextType.Domain, "DOMAIN NAME");
UserPrincipal user = UserPrincipal.FindByIdentity(context, IdentityType.SamAccountName, "User Name");
}
FindByIdentity is causing an error.
000004DC: LdapErr: DSID-0C0906E8, comment: to perform this operation, the connection must have successfully bind., Data 0, v1db1
AD?