Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

COMException Unknown error (0x80005000) - DirectoryServices

I've been running into an error on one of my applications that happens a few times a month but has occurred twice this week. When this happens, it's always first thing in the morning when the first user loads the app and begins working (web application, 3-4 internal users) The error originates from this very simple method and once if fails, it will not work until I restart the application pool. Now, I'm querying AD in other ways as well but this is the first AD related method that's called when the users begin work in the morning.

public DomainUser GetDomainUser(string userLoginName)
    {
        using (PrincipalContext context = new PrincipalContext(ContextType.Domain, this.DomainName))
        {
            using (UserPrincipal user = UserPrincipal.FindByIdentity(context, userLoginName))
            {
                // If user is null, the result is not a UserPrinciple
                if (user != null)
                {
                    string firstName = user.GivenName;
                    string middleName = user.MiddleName;
                    string lastName = user.Surname;
                    int empId = Convert.ToInt32(user.EmployeeId);
                    string emailAddr = user.EmailAddress;
                    string userName = user.SamAccountName;
                    DateTime? accountExp = user.AccountExpirationDate;

                    return new DomainUser
                    {
                        FirstName = firstName,
                        MiddleName = middleName,
                        LastName = lastName,
                        EmployeeId = empId,
                        Email = emailAddr,
                        UserName = userName,
                        AccountExpiration = accountExp
                    };
                }

                return null;
            }
        }
    }

So this question is closely related but my permissions are setup correctly and the code works 99% of the time and will continue to run after an application pool restart.

Stack trace looks something like this:

System.Runtime.InteropServices.COMException (0x80005000): Unknown error (0x80005000)
   at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
   at System.DirectoryServices.DirectoryEntry.Bind()
   at System.DirectoryServices.DirectoryEntry.get_AdsObject()
   at System.DirectoryServices.PropertyValueCollection.PopulateList()
   at System.DirectoryServices.PropertyValueCollection..ctor(DirectoryEntry entry, String propertyName)
   at System.DirectoryServices.PropertyCollection.get_Item(String propertyName)
   at System.DirectoryServices.AccountManagement.PrincipalContext.DoLDAPDirectoryInitNoContainer()
   at System.DirectoryServices.AccountManagement.PrincipalContext.DoDomainInit()
   at System.DirectoryServices.AccountManagement.PrincipalContext.Initialize()
   at System.DirectoryServices.AccountManagement.PrincipalContext.get_QueryCtx()
   at System.DirectoryServices.AccountManagement.Principal.FindByIdentityWithTypeHelper(PrincipalContext context, Type principalType, Nullable`1 identityType, String identityValue, DateTime refDate)
   at System.DirectoryServices.AccountManagement.Principal.FindByIdentityWithType(PrincipalContext context, Type principalType, String identityValue)
   at System.DirectoryServices.AccountManagement.UserPrincipal.FindByIdentity(PrincipalContext context, String identityValue)
   at ADWrapper.AdSearch.GetDomainUser(String userLoginName)

What could the problem be? Memory leaks? The common pattern is that this happens first thing in the morning when the first user begins using the app.

like image 970
Jason Eades Avatar asked Nov 11 '22 09:11

Jason Eades


1 Answers

We had a similar issue. Here was the solution provided by Microsoft. I hope this helps someone.

The DirectoryEntry.Bind function eventually calls into ADsOpenObject (https://learn.microsoft.com/en-us/windows/win32/api/adshlp/nf-adshlp-adsopenobject) This function has a “router”. The initialization of the router enumerates providers from the registry, such as the “LdapNamespace”. This is located at HKEY_CLASSES_ROOT\CLSID{228D9A82-C302-11cf-9AA4-00AA004A5691}\ProgID. The other providers, such as WinNT namespace are also enumerated.

In the trace, an error is returned when looking up these registry keys. The error is,

ERROR_KEY_DELETED

1018 (0x3FA)

Illegal operation attempted on a registry key that has been marked for deletion.

This error can be caused by an unload of the user profile that the process is using for its identity.

The Windows User Profile Service forcefully unloads user profiles. This causes problems with the process.

I have seen this with w3wp.exe and dllhost.exe, where the registry profile is unloaded before the process is done.

Here’s a blog we did on the issue for dllhost.exe: https://blogs.msdn.microsoft.com/distributedservices/2009/11/06/a-com-application-may-stop-working-on-windows-server-2008-when-the-identity-user-logs-off/

You may see warnings in the application log with descriptions like this: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.

I think we should try the resolution/workaround in the blog:

Resolution

As a workaround it may be necessary to disable this feature which is the default behavior. The policy setting 'Do not forcefully unload the user registry at user logoff' counters the default behavior of Windows 2008. When enabled, Windows 2008 does not forcefully unload the registry and waits until no other processes are using the user registry before it unloads it.

The policy can be found in the group policy editor (gpedit.msc)

Computer Configuration->Administrative Templates->System-> UserProfiles

Do not forcefully unload the user registry at user logoff

Change the setting from “Not Configured” to “Enabled”, which disables the new User Profile Service feature.

There should not be any side effects from this change.

like image 142
user1777317 Avatar answered Nov 14 '22 21:11

user1777317