System.DirectoryServices.DirectoryServicesCOMException: An operations error occurred

Question

I have the same web app working in three others servers. Anyone have any idea why is not working in the 4th server? See the error and stacktrace:

Answer 1

In my case, switching from ApplicationPoolItentity to NetworkService in the app pool did work BUT it not preferred "because services running as Network Service can tamper with other services that run under the same identity" per the following link: (http://www.iis.net/learn/manage/configuring-security/application-pool-identities).

I ran the hotfix (KB2545850) on the server and rebooted per this answer:(DirectoryServicesCOMException 80072020 From IIS 7.5 Site Running Under ApplicationPoolIdentity)

It appears to be working well now.

Background on my task: Upgrading apps from .net framework 2.0 on Server 2003 to .net framework 4.0 on Server 2008 R2.

Answer 2

I had exactly the same error and fixed it by changing the site's application pool to run under the Network Service.

In IIS:

• Select your site's application pool
• Select Advanced Settings on the right-hand side
• On the Advanced Settings pop-up window, scroll down to the Process Model group
• Change the first option called Identity to NetworkService (mine was set to the default ApplicationPoolIdentity).

I hope this helps.

Answer 3

I know this topic is old but just for future people who will be looking for this issue Just use this method to execute the code with Elevate privileges

using (HostingEnvironment.Impersonate()) {
    // This code runs as the application pool user
    }

Answer 4

There isn't an InnerException in this case, it's just wrapping a COM error.

Almost certainly it's because your Application Pool identity does not have permission to access Active Directory.

Answer 5

My Experience was little different with this Error. I had to move on-premise application to Azure, where the LDAP call was happening from on-premise, but not from Azure even after opening the required firewall.

I tried all solution mentioned above, but none of them was helpful. Network service was already selected on Azure VM.

After lot of hit and trial and research. I fixed it.

Solution: On-Premise server was having permission to access LDAP and did not required any UserName and Password. But on Azure, you need to specifically make LDAP call with username and Password. Below is the code which helped.

 var directoryEntry= new DirectoryEntry(adspath, Username, Password)

Answer 6

So if you place a breakpoint on the line:

UserPrincipal userAD = UserPrincipal.FindByIdentity(context, user.Login);

and step through it, it generates the above exception which does not have any InnerExceptions?

According to the stack trace, that line is the beginning of the problem. The returned exception should have at least some other information in it as to why it was thrown.

InnerException Concatenator

The following method takes the top level exception and returns a tab and linebreak formatted breakdown of the inner exceptions as a string.

    private static string InnerExceptionConcatenator(Exception ex, int tabTracker = 0)
    {
        string retVal = "";
        if (ex.InnerException != null)
        {
            tabTracker ++;
            retVal = string.Format( "{0}\r\n{1}{2}", ex.Message, new String('\t', tabTracker), InnerExceptionConcatenator(ex.InnerException));
        }
        else
        {
            retVal = ex.Message;
        }
        return retVal;
    }

You can call it thusly:

try
{

}
catch(ex Exception)
{
    var exceptionString = InnerExceptionConcatenator(ex);
    var path = @"c:\temp\exception.txt";
    if (!File.Exists(path)) 
    {
        using (StreamWriter sw = File.CreateText(path)) 
        {
            sw.WriteLine(exceptionString);
        }   
    }
    else
    {
        using (StreamWriter sw = File.AppendText(path)) 
        {
            sw.WriteLine(exceptionString);
        }
    }
}