System.DirectoryServices.DirectoryServicesCOMException

Question

尝试使用“匿名”身份验证和硬编码用户名在生产环境中运行应用程序时，我不断收到以下错误。

当我打开基本身份验证，然后提示输入用户名/密码，一切都像魅力。但我需要让硬编码版本也能正常工作。无法弄清楚发生了什么事。

一切工作完美在另一台服务器上。

Exception Details: System.DirectoryServices.DirectoryServicesCOMException: An operations error occurred.

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:

[DirectoryServicesCOMException (0x80072020): An operations error occurred.]
System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail) +781
System.DirectoryServices.DirectoryEntry.Bind() +44
System.DirectoryServices.DirectoryEntry.get_SchemaEntry() +49
System.DirectoryServices.AccountManagement.ADStoreCtx.IsContainer(DirectoryEntry de) +62
System.DirectoryServices.AccountManagement.ADStoreCtx..ctor(DirectoryEntry ctxBase, Boolean ownCtxBase, String username, String password, ContextOptions options) +123
System.DirectoryServices.AccountManagement.PrincipalContext.CreateContextFromDirectoryEntry(DirectoryEntry entry) +234
System.DirectoryServices.AccountManagement.PrincipalContext.DoLDAPDirectoryInit() +497

[PrincipalOperationException: An operations error occurred.]
System.DirectoryServices.AccountManagement.PrincipalContext.DoLDAPDirectoryInit() +534256
System.DirectoryServices.AccountManagement.PrincipalContext.DoDomainInit() +61
System.DirectoryServices.AccountManagement.PrincipalContext.Initialize() +141
System.DirectoryServices.AccountManagement.PrincipalContext.get_QueryCtx() +42
System.DirectoryServices.AccountManagement.Principal.FindByIdentityWithTypeHelper(PrincipalContext context, Type principalType, Nullable`1 identityType, String identityValue, DateTime refDate) +27
System.DirectoryServices.AccountManagement.GroupPrincipal.FindByIdentity(PrincipalContext context, String identityValue) +95
SERT_BO.ADHelper.UserBelongsToGrp(String adGroup, String sAMAccountName, String& emailAddr, String& fullName) in D:\SERT\BusinessObjects\SERT_BO\ADHelper.cs:199
SERT_BO.UserSession.GetUserSession(String userName) in D:\SERT\BusinessObjects\SERT_BO\UserSession.cs:44
SERT.SetUserSession.Page_Load(Object sender, EventArgs e) in D:\SERT\SERT\SERT\SetUserSession.aspx.cs:23
System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +25
System.Web.UI.Control.LoadRecursive() +71
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +3064

Answer 1

看起来像问题是服务器正在查看错误的AD控制器。它必须完全写出来。

Answer 2

需要检查的一件事是，运行ASP.NET应用程序的AppPool具有正确的权限。作为一项快速测试，您可以将AppPool的身份设置为本地系统，并查看是否可以解决问题。如果问题在这里，那么您可以将应用程序池标识设置为在此服务器上拥有足够权限的（域？）用户。