UserPrincipal.FindByIdentity throws exception - There is no such object on the server

Sean Anderson · Jan 4, 2013 · Viewed 18.2k times

I'm struggling with a simple scenario: I would like to retrieve my account from Active Directory using the username and password which I use to log into my computer.

My first issue was that I was receiving a referral from the server when attempting to call UserPrincipal.FindByIdentity. I thought that this was a bit weird, given the fact that PrincipalContext.ValidateCredentials was working fine, but it turns out that my DC path was incorrect.

I wasn't sure how to properly craft my OU/DC string. As such, I found this SO post which helpfully provided the following bit of code:

private static string GetDomainControllerString()
{
    string pdc;
    using (var context = new PrincipalContext(ContextType.Domain))
    {
        string server = context.ConnectedServer; // "pdc.example.com"
        string[] splitted = server.Split('.'); // { "pdc", "example", "com" }
        IEnumerable<string> formatted = splitted.Select(s => String.Format("DC={0}", s));// { "DC=pdc", "DC=example", "DC=com" }
        string joined = String.Join(",", formatted); // "DC=pdc,DC=example,DC=com"

        // or just in one string

        pdc = String.Join(",", context.ConnectedServer.Split('.').Select(s => String.Format("DC={0}", s)));
    }

    return pdc;
}

After using this code to properly generate my DC string, my error message changed. Now, I am receiving the error "There is no such object on the server." I suspect the issue is either with my OU or how I am calling FindByIdentity.

Here is the location of my user account which I am trying to retrieve:

And here is how I am attempting to access said user:

private static void Main(string[] args)
{
    const string Domain = "SLO1.Foo.Bar.biz";
    const string DefaultOU = "OU=Users,DC=SLO1,DC=Foo,DC=Bar,DC=biz";
    const string username = @"sanderso";
    const string password = "**********";

    var principalContext = new PrincipalContext(ContextType.Domain, Domain, DefaultOU, ContextOptions.Negotiate, username, password);
    bool areCredentialsValid = principalContext.ValidateCredentials(username, password, ContextOptions.Negotiate);

    if (areCredentialsValid)
    {
        UserPrincipal userPrincipal = UserPrincipal.FindByIdentity(principalContext, username);
    }
}

I have also tried calling:

UserPrincipal.FindByIdentity(principalContext, IdentityType.Name, "Sean Anderson");
UserPrincipal.FindByIdentity(principalContext, "Sean Anderson");

These were equally unsuccessful.

Answer

Daro · Jan 4, 2013

I believe the object that does not exist is:

"OU=Users,DC=SLO1,DC=Foo,DC=Bar,DC=biz"

Users is a container, not an OU. So correctly, you need:

"CN=Users,DC=SLO1,DC=Foo,DC=Bar,DC=biz"
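An added example, not part of the original question or answer: it reads the domain's distinguished name from RootDSE rather than splitting the server host name, checks which of the two `Users` paths actually exists before building the context, and binds as the current logon session so no password sits in the source. It assumes the machine is joined to the domain named in the question; the class and helper names are hypothetical.

```csharp
using System;
using System.DirectoryServices;
using System.DirectoryServices.AccountManagement;

internal static class FindUserExample
{
    // Domain name taken from the question.
    private const string Domain = "SLO1.Foo.Bar.biz";

    // Reads the domain DN from RootDSE instead of deriving it from a host name.
    private static string GetDomainDn(string domain)
    {
        using (var rootDse = new DirectoryEntry("LDAP://" + domain + "/RootDSE"))
        {
            return (string)rootDse.Properties["defaultNamingContext"].Value;
        }
    }

    // Returns the first candidate path that exists in the directory, or null.
    private static string ResolveContainer(string domain, string domainDn)
    {
        string[] candidates = { "CN=Users," + domainDn, "OU=Users," + domainDn };
        foreach (string dn in candidates)
        {
            if (DirectoryEntry.Exists("LDAP://" + domain + "/" + dn))
                return dn;
        }
        return null;
    }

    private static void Main(string[] args)
    {
        // Account to look up: first argument, or the current logon name.
        string samAccountName = args.Length > 0 ? args[0] : Environment.UserName;
        string domainDn = GetDomainDn(Domain);
        string container = ResolveContainer(Domain, domainDn);
        if (container == null)
        {
            Console.Error.WriteLine("No Users container or OU found under " + domainDn);
            return;
        }
        // No user name or password: the context binds as the current logon session.
        using (var context = new PrincipalContext(ContextType.Domain, Domain, container))
        using (UserPrincipal user = UserPrincipal.FindByIdentity(context, IdentityType.SamAccountName, samAccountName))
        {
            Console.WriteLine(user == null ? "Not found in " + container : user.DistinguishedName);
        }
    }
}
```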