PrincipalContext context = new PrincipalContext(ContextType.Domain, "ipofmachine", "DC=xyz,DC=org", "username", "Password");
UserPrincipal userPrinciple = U
I've found there's an issue when you add a domain user to a local group, but later that domain user is deleted out of Active Directory. The state of that local group is that instead of a domain username showing up as a member, the SID is used instead.
BUT!
That SID doesn't exist in Active Directory anymore, causing things to go boom.
Of course there could be many other reasons for a NoMatchingPrincipalException to pop up, so this code provides a workaround for that. It comes from a terrific post on MSDN. The code below is a modified version found here:
http://social.msdn.microsoft.com/Forums/vstudio/en-US/9dd81553-3539-4281-affffd-3eb75e6e4d5d/getauthorizationgroups-fails-with-nomatchingprincipalexception
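using System;
using System.Collections.Generic;
using System.DirectoryServices.AccountManagement;

public static IEnumerable<Principal> getAuthorizationGroups(UserPrincipal user)
{
    PrincipalSearchResult<Principal> groups = user.GetAuthorizationGroups();
    List<Principal> ret = new List<Principal>();

    // Walk the result with an explicit enumerator so that one bad entry
    // does not abort the whole enumeration, as a foreach loop would.
    var iterGroup = groups.GetEnumerator();
    using (iterGroup)
    {
        while (iterGroup.MoveNext())
        {
            try
            {
                Principal p = iterGroup.Current;
                Console.WriteLine(p.Name);
                ret.Add(p);
            }
            catch (NoMatchingPrincipalException)
            {
                // The entry could not be resolved to a principal
                // (for example a SID whose account was deleted): skip it.
                continue;
            }
        }
    }
    return ret;
}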
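Added example, not part of the original post: the workaround above skips unresolvable entries silently, so the stale SID stays in the local group. This sketch lists the members of a local group whose SID no longer maps to an account so they can be reviewed and removed. The class and method names, the use of the ADSI WinNT provider, and the default group name "Administrators" are assumptions for illustration.

```csharp
using System;
using System.Collections;
using System.Collections.Generic;
using System.DirectoryServices;
using System.Security.Principal;

// Hypothetical helper: reports local group members that exist only as a bare SID.
public static class OrphanedSidAudit
{
    public static List<string> FindUnresolvedMembers(string groupName)
    {
        var unresolved = new List<string>();
        string path = "WinNT://" + Environment.MachineName + "/" + groupName + ",group";
        using (var group = new DirectoryEntry(path))
        {
            // "Members" returns the raw ADSI member objects of the local group.
            foreach (object member in (IEnumerable)group.Invoke("Members"))
            {
                using (var entry = new DirectoryEntry(member))
                {
                    var sid = new SecurityIdentifier(
                        (byte[])entry.Properties["objectSid"].Value, 0);
                    try
                    {
                        // Succeeds only if the SID still maps to an account name.
                        sid.Translate(typeof(NTAccount));
                    }
                    catch (IdentityNotMappedException)
                    {
                        // Deleted account, or a domain that cannot be reached
                        // right now: confirm which before removing the member.
                        unresolved.Add(sid.Value);
                    }
                }
            }
        }
        return unresolved;
    }

    public static void Main(string[] args)
    {
        // Example default only; pass another local group name as the first argument.
        string groupName = args.Length > 0 ? args[0] : "Administrators";
        foreach (string sid in FindUnresolvedMembers(groupName))
            Console.WriteLine("Unresolved member of {0}: {1}", groupName, sid);
    }
}
```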