The following code only works while only Windows Authentication is enabled in IIS for local users on our network.
using (PrincipalContext ctx = new PrincipalContext(ContextType.Domain))
{
UserPrincipal up = UserPrincipal.FindByIdentity(ctx, userName);
return up;
}
Otherwise it throws this exception:
[ArgumentException: The (&(objectCategory=user)(objectClass=user)(|(userPrincipalName=)(distinguishedName=)(name=))) search filter is invalid.] System.DirectoryServices.ResultsEnumerator.MoveNext() +434305 System.DirectoryServices.SearchResultCollection.get_InnerList() +282 System.DirectoryServices.SearchResultCollection.get_Count() +9 System.DirectoryServices.AccountManagement.ADStoreCtx.FindPrincipalByIdentRefHelper(Type principalType, String urnScheme, String urnValue, DateTime referenceDate, Boolean useSidHistory) +1898 System.DirectoryServices.AccountManagement.ADStoreCtx.FindPrincipalByIdentRef(Type principalType, String urnScheme, String urnValue, DateTime referenceDate) +85 System.DirectoryServices.AccountManagement.Principal.FindByIdentityWithTypeHelper(PrincipalContext context, Type principalType, Nullable`1 identityType, String identityValue, DateTime refDate) +211 System.DirectoryServices.AccountManagement.UserPrincipal.FindByIdentity(PrincipalContext context, String identityValue) +95 WebApplication1.Index.GetUserPrincipal(String userName) in C:\Users\xxx\Documents\Visual Studio 2010\Projects\WebApplication1\WebApplication1\Index.aspx.cs:38 WebApplication1.Index.Page_Load(Object sender, EventArgs e) in C:\Users\xxx\Documents\Visual Studio 2010\Projects\WebApplication1\WebApplication1\Index.aspx.cs:19 System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +25 System.Web.UI.Control.LoadRecursive() +71 System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +3064
Is there any way of getting this to work for getting our local users UserPrincipal while Windows and Anonymous authentication are both turned on?
userName
must be an empty string (or in some other way, entirely composed of whitespace), and apparently it's not validated by FindByIdentity
.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With