Unable to cast object of type in System.DirectoryServices.AccountManagement.GroupPrincipal

Question

I am Using Method UserPrincipal.Current.ToString() in Domain to Get Current Logged in Domain User with Valid Domain. but when i am Displaying it in a string its giv

Answer 1

The issue here is that the UserPrincipal.Current property will try to access the context of the current thread. Without ASP.NET impersonation however, it means that the identity will be the application pool's configured identity. Even with ASP.NET impersonation, it has to access the Active Directory in some way and thus needs to authenticate against the domain controller. If the selected authentication method in IIS doesn't provide for that, a similar error is likely.

In my experience, only "BASIC" authentication and a 100% correctly implemented version of "KERBEROS" will work. Keep in mind that Kerberos is not really compatible with the way application pools and SPNs are handled and is likely to fail. NTLM - which is the fallback for Windows authentication in IIS - will not work due to lack of password on the Server.

A good read about the HTTP/Kerberos problems is: http://blogs.msdn.com/b/friis/archive/2009/12/31/things-to-check-when-kerberos-authentication-fails-using-iis-ie.aspx