C# ASP.NET核心IIS Express广告服务权限错误
我必须为我的asp.net项目创建一个新的开发环境。它需要一个广告服务器,所以我在与IIS服务器和IDE相同的主机上创建了它 我把它转过来,设置了所有新的环境变量,但我遇到了一个有趣的问题 当要求它创建一个新的广告用户帐户时,我得到一个错误:C# ASP.NET核心IIS Express广告服务权限错误,c#,asp.net-core,active-directory,C#,Asp.net Core,Active Directory,我必须为我的asp.net项目创建一个新的开发环境。它需要一个广告服务器,所以我在与IIS服务器和IDE相同的主机上创建了它 我把它转过来,设置了所有新的环境变量,但我遇到了一个有趣的问题 当要求它创建一个新的广告用户帐户时,我得到一个错误: System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.Unauthoriz
System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.UnauthorizedAccessException: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))
--- End of inner exception stack trace ---
at System.DirectoryServices.DirectoryEntry.Invoke(String methodName, Object[] args)
at System.DirectoryServices.AccountManagement.SDSUtils.SetPassword(DirectoryEntry de, String newPassword)
at System.DirectoryServices.AccountManagement.ADStoreCtx.SetPassword(AuthenticablePrincipal p, String newPassword)
at System.DirectoryServices.AccountManagement.SDSUtils.InsertPrincipal(Principal p, StoreCtx storeCtx, GroupMembershipUpdater updateGroupMembership, NetCred credentials, AuthenticationTypes authTypes, Boolean needToSetPassword)
at System.DirectoryServices.AccountManagement.ADStoreCtx.Insert(Principal p)
at System.DirectoryServices.AccountManagement.Principal.Save()
方法(迄今为止一直有效)创建用户,但在AD中显示为禁用:
PrincipalContext ctx = new PrincipalContext(ContextType.Domain,
Environment.GetEnvironmentVariable("DOMAIN"),
Environment.GetEnvironmentVariable("USER_OU"),
Environment.GetEnvironmentVariable("SERVICE_USERNAME"),
Environment.GetEnvironmentVariable("SERVICE_PASSWORD"));
UserPrincipalEx usr = new UserPrincipalEx(ctx);
usr.Name = Account.FirstName + " " + ticket.Account.LastName;
usr.SamAccountName = Account.Username;
usr.GivenName = Account.FirstName;
usr.Surname = Account.LastName;
usr.DisplayName = Account.FirstName + " " + ticket.Account.LastName;
usr.UserPrincipalName = Account.Username + "@" + Environment.GetEnvironmentVariable("DOMAIN");
usr.Company = Account.Company;
usr.Department = Account.Department;
usr.Description = Account.Description;
usr.SetPassword(temppwd);
usr.ExpirePasswordNow();
usr.Enabled = enabled;
try
{
usr.Save();
}
catch (Exception e)
{
Console.WriteLine(e.ToString());
}
我在生产中使用同一段代码,效果很好。我不明白为什么它在我的新开发环境中会这样,或者什么权限允许它创建帐户,但不启用它。我在不同的服务器上用IIS和AD重建了开发。虽然速度很慢,但我找不到其他解决方案。我在不同的服务器上用IIS和AD重建了Dev。虽然速度慢,但我找不到其他解决方案。您的异常详细信息不完整。您能否更新您的问题以包含实际的异常消息?另外,什么是
usr
?抱歉,更新了消息和代码,因此您确实在广告中看到了新用户?是的,它出现在广告中,但是它是不允许的,在SetPassword
行之前调用usr.Save()
。当我创建帐户时,我必须分两步完成(创建帐户,然后设置密码并启用它)。您的异常详细信息不完整。您能否更新您的问题以包含实际的异常消息?另外,什么是usr
?抱歉,更新了消息和代码,因此您确实在广告中看到了新用户?是的,它出现在广告中,但是它是不允许的,在SetPassword
行之前调用usr.Save()
。创建帐户时,我必须分两步完成(创建帐户,然后设置密码并启用它)