System.DirectoryServices.DirectoryServicesCOMException: An operations error occurred

允我心安 submitted on 2019-11-27 07:04:32

I had exactly the same error and fixed it by changing the site's application pool to run under the Network Service.

In IIS:

  • Select your site's application pool
  • Select Advanced Settings on the right-hand side
  • On the Advanced Settings pop-up window, scroll down to the Process Model group
  • Change the first option called Identity to NetworkService (mine was set to the default ApplicationPoolIdentity).

I hope this helps.

I know this topic is old, but for future people who will be looking for this issue: just use this method to execute the code with elevated privileges.

using (HostingEnvironment.Impersonate())
{
    // This code runs as the application pool user
}

Joe

There isn't an InnerException in this case, it's just wrapping a COM error.

Almost certainly it's because your Application Pool identity does not have permission to access Active Directory.

Tony L.

In my case, switching from ApplicationPoolIdentity to NetworkService in the app pool did work BUT it is not preferred "because services running as Network Service can tamper with other services that run under the same identity" per the following link: (http://www.iis.net/learn/manage/configuring-security/application-pool-identities).

I ran the hotfix (KB2545850) on the server and rebooted per this answer: (DirectoryServicesCOMException 80072020 From IIS 7.5 Site Running Under ApplicationPoolIdentity)

It appears to be working well now.

Background on my task: Upgrading apps from .net framework 2.0 on Server 2003 to .net framework 4.0 on Server 2008 R2.

My experience was a little different with this error. I had to move an on-premise application to Azure, where the LDAP call was happening from on-premise, but not from Azure, even after opening the required firewall.

I tried all the solutions mentioned above, but none of them was helpful. Network Service was already selected on the Azure VM.

After a lot of hit and trial and research, I fixed it.

Solution: The on-premise server had permission to access LDAP and did not require any username and password. But on Azure, you need to specifically make the LDAP call with a username and password. Below is the code which helped.

var directoryEntry = new DirectoryEntry(adspath, Username, Password);

1 - Change application pool to run under the Network Service.
2 - Click on the Authentication and disable ASP.Net impersonation.

So if you place a breakpoint on the line:

UserPrincipal userAD = UserPrincipal.FindByIdentity(context, user.Login);

and step through it, it generates the above exception which does not have any InnerExceptions?

According to the stack trace, that line is the beginning of the problem. The returned exception should have at least some other information in it as to why it was thrown.

InnerException Concatenator

The following method takes the top level exception and returns a tab and linebreak formatted breakdown of the inner exceptions as a string.

    private static string InnerExceptionConcatenator(Exception ex, int tabTracker = 0)
    {
        string retVal = "";
        if (ex.InnerException != null)
        {
            // One more tab per nesting level; pass the depth down so that
            // deeper inner exceptions are indented further.
            tabTracker++;
            retVal = string.Format("{0}\r\n{1}{2}", ex.Message, new String('\t', tabTracker), InnerExceptionConcatenator(ex.InnerException, tabTracker));
        }
        else
        {
            retVal = ex.Message;
        }
        return retVal;
    }

You can call it thusly:

// Requires: using System; using System.IO;
try
{
    // Code that may throw goes here
}
catch (Exception ex)
{
    var exceptionString = InnerExceptionConcatenator(ex);
    var path = @"c:\temp\exception.txt";
    if (!File.Exists(path)) 
    {
        using (StreamWriter sw = File.CreateText(path)) 
        {
            sw.WriteLine(exceptionString);
        }   
    }
    else
    {
        using (StreamWriter sw = File.AppendText(path)) 
        {
            sw.WriteLine(exceptionString);
        }
    }
}
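
An added example (not code from any of the answers above) that combines two points from this page: binding to Active Directory with explicit credentials instead of relying on the application pool identity, and reading the COM error details the exception carries in place of an InnerException. The `AdLookup` class and the appSettings key names are hypothetical, and the bind account is assumed to be a dedicated account with read-only directory access.

```csharp
using System;
using System.Configuration;
using System.Diagnostics;
using System.DirectoryServices;
using System.DirectoryServices.AccountManagement;

public static class AdLookup
{
    // Hypothetical appSettings keys (assumption); keep the real values out of
    // source control and protect the config section that holds the password.
    private static readonly string Domain   = ConfigurationManager.AppSettings["Ad.Domain"];
    private static readonly string BindUser = ConfigurationManager.AppSettings["Ad.BindUser"];
    private static readonly string BindPass = ConfigurationManager.AppSettings["Ad.BindPassword"];

    // Returns the user's display name, or null when no such account exists.
    public static string FindDisplayName(string login)
    {
        try
        {
            // Explicit bind: the query no longer depends on which identity the
            // application pool runs as, so the pool can stay on
            // ApplicationPoolIdentity instead of moving to NetworkService.
            using (var context = new PrincipalContext(ContextType.Domain, Domain, BindUser, BindPass))
            using (var user = UserPrincipal.FindByIdentity(context, IdentityType.SamAccountName, login))
            {
                return user == null ? null : user.DisplayName;
            }
        }
        catch (DirectoryServicesCOMException ex)
        {
            // There is no InnerException to unwrap here. The detail is in the
            // COM HRESULT (0x80072020 for "An operations error occurred") and
            // in the extended error reported by the directory server.
            Trace.TraceError(
                "AD lookup failed: HRESULT=0x{0:X8} ExtendedError={1} ExtendedErrorMessage={2}",
                ex.ErrorCode, ex.ExtendedError, ex.ExtendedErrorMessage);
            throw; // rethrow without resetting the stack trace
        }
    }
}
```

The log line records only the error codes and the server's message, never the bind password.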