Reputation: 439
InteropServices.COMException
I have a problem with an MVC proyect I have.
The stack is the following:
System.Runtime.InteropServices.COMException (0x80005000): Unknown error (0x80005000) at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail) at System.DirectoryServices.DirectoryEntry.Bind() at System.DirectoryServices.DirectoryEntry.get_Name() at PosmanWeb2.Controllers.Helpers.SessionHelpers.GetGroup(SearchResult result) at PosmanWeb2.Controllers.Helpers.SessionHelpers.GetPerfilAD(SearchResult result) at PosmanWeb2.Controllers.Helpers.SessionHelpers.GetUser() at PosmanWeb2.Controllers.Helpers.SessionHelpers.ConnectActiveDirectory()
The Methods on SessionHelpers are part of the proyect, the last one seems to be having problems, the code is the following:
private static List<string> GetGroup(SearchResult result)
{
List<string> nombresPerfilAD = new List<string>();
foreach (var i in result.Properties["memberOf"])
{
var group = new DirectoryEntry(@"LDAP://" + i);
nombresPerfilAD.Add(group.Name.Split('=')[1].ToUpper().Trim());
}
return nombresPerfilAD;
}
What it basically does is save all the Active Directory profiles on a list.
One user in particular did not have this problem what another two have this exact problem.
I saw on other threads that it could be related to permission problems, but Im not 100% sure where to look.
Upvotes: 0
Views: 1350
Answers (1)
Reputation: 705
A good solution in the current scope is not to bind to Active Directory. result.Properties["memberOf"] already contains group DN. You can get name from it without connecting to AD using IADsPathName interface (need to add a reference to ActiveDs com object). Also you can unescape special chars using this interface. E. g. if you group name is #Test it will be returned as escaped like \#Test. Thus you will solve your issue, increase performance and deal with characters escaping if you rewrite your method in the following way:
private static List<string> GetGroup(SearchResult result)
{
List<string> nombresPerfilAD = new List<string>();
IADsPathname pathname = new PathnameClass();
pathname.SetDisplayType(2);
pathname.EscapedMode = 4;
foreach (string groupDn in result.Properties["memberOf"])
{
pathname.Set(groupDn, 4);
nombresPerfilAD.Add(pathname.GetElement(0).ToUpper());
}
return nombresPerfilAD;
}
It seems like binding instead of splitting by comma was made to avoid situations, when a group contains comma in its name. But what if group name contains "=" character? Old code will not work
P.S. If you use .NET 4 you need to set Embed Interop Types to false in ActiveDs properties (in project references)
P.P.S. Be aware, that memberOf attribute does not contain nested groups (userA -> groupA, groupA -> groupB => userA -> groupB) and user's primary group
Upvotes: 2
Related Questions
- DirectoryServicesCOMException (0x80072020) when using Active Directory from ASP.NET application
- Querying AD throws System.Runtime.InteropServices.COMException
- System.DirectoryServices.DirectoryServicesCOMException: An operations error occurred.
- getting an exception while using DirectoryServices object
- Intermittant Exception in System.DirectoryServices
- A first chance exception of type 'System.DirectoryServices.Protocols.LdapException' occurred in System.DirectoryServices.Protocols.dll
- why I am geting this error: System.Runtime.interopservice.ComException on windows Authentication
- Why does DirectoryServicesCOMException occur querying Active Directory from a machine other than the web server?
- Problem while accessing active directory using C# DirectoryServices
- C# - COMException was unhandled