Last post Feb 25, 2019 06:55 PM by PatriceSc
Feb 25, 2019 05:33 PM|WilliamSnell|LINK
I need to retrieve all addresses assigned to a given user through AD. I wrote the following, which worked fine locally:
var searcher = new DirectorySearcher(new DirectoryEntry("LDAP://domain"));
searcher.Filter = "(&(objectClass=user)(objectcategory=person)(proxyAddresses=*:" + username + "))";
var proxyAddresses = searcher.FindOne().Properties["proxyAddresses"];
var emailRegex = new Regex(@"\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*", RegexOptions.IgnoreCase);
var emails = new List<string>();
foreach (var address in proxyAddresses)
var email = emailRegex.Match(address.ToString()).Value;
When I deployed this to our DEV environment, I received an error from the line where the searcher calls "FindOne". I looked online, and the most promising answer was to install the NuGet package Microsoft.Windows.Compatibility, so I tried that and redeployed
my site, but the problem remained the same. I need one of two things - either to get DirectoryServices to work in my MVC Core application (version 2.2), or find another way to retrieve all emails for a given ActiveDirectory user.
Feb 25, 2019 05:46 PM|PatriceSc|LINK
I received an error
Instead always tell explicitely which error you have. Else we have first to guess which error you SEE from all those that could happen. Do you see a permission related error ?
Feb 25, 2019 06:11 PM|WilliamSnell|LINK
I don't think it's a permissions issue. This is the error:
EXCEPTION: System.Runtime.InteropServices.COMException (0x8007203A): The server is not operational.
This is the stack trace from my logs:
at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
at System.DirectoryServices.DirectorySearcher.FindAll(Boolean findMoreThanOne)
at Solution.Controllers.HomeController.Index() in D:\a\1\s\MyProject\Controllers\HomeController.cs:line 39
at lambda_method(Closure , Object , Object )
at Microsoft.Extensions.Internal.ObjectMethodExecutor.Execute(Object target, Object parameters)
at Microsoft.AspNetCore.Mvc.Internal.ActionMethodExecutor.SyncActionResultExecutor.Execute(IActionResultTypeMapper mapper, ObjectMethodExecutor executor, Object controller, Object arguments)
at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.Rethrow(ActionExecutedContext context)
at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
at Microsoft.AspNetCore.Mvc.Internal.ResourceInvoker.Rethrow(ResourceExecutedContext context)
at Microsoft.AspNetCore.Mvc.Internal.ResourceInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
at Microsoft.AspNetCore.Builder.RouterMiddleware.Invoke(HttpContext httpContext)
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
at Microsoft.AspNetCore.StaticFiles.StaticFileMiddleware.Invoke(HttpContext context)
at Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware.Invoke(HttpContext context) | URL: https://mydevsite.azurewebsites.net/ | CONTROLLER: Home | ACTION: Index | REQUEST IP: 184.108.40.206 | USER: email@example.com
From what I've read online, MVC Core doesn't have support for DirectoryServices. The only fix for that I've seen was to install the NuGet package Microsoft.Windows.Compatibility, but that had no effect on my error. Ideally I'd like to find a work-around
for supporting DirectoryServices, but I'm also looking into a LDAP package that side-steps this issue. Any suggestions to get this to work would be appreciated.
Feb 25, 2019 06:55 PM|PatriceSc|LINK
Searching on the error message seems to point rather to a possible firewall issue. Ah you are trying to query your local LDAP directory from an Azure web site ?
Not sure how you could make this to work. You would have to configure a VPN maybe with https://docs.microsoft.com/en-us/azure/app-service/environment/intro ? Another option
might be to use a web service that would expose only the needed information.
Edit: It if was just not supported, I'm not sure how it could run locally and fail only once deployed (a scenario I see might be using a Windows only feature and deploying to Linux but I would except a more specific "not supported on this platform" exception
or something like that).