Getting "The server could not be contacted." when trying to access active directory
I'm trying this code:
public bool isTravelAdmin(string srvr, string usr, string password)
{
System.Diagnostics.Debug.WriteLine("I'm in isTravelAdmin!");
PrincipalContext domainctx = new PrincipalContext(ContextType.Domain, srvr);
UserPrincipal userPrincipal = UserPrincipal.FindByIdentity(domainctx, IdentityType.SamAccountName, usr);
bool isMember = userPrincipal.IsMemberOf(domainctx, IdentityType.Name, "traveladmin");
if (isMember)
{
System.Diagnostics.Debug.WriteLine("This user is INDEED a member of that group");
return true;
}
else
{
System.Diagnostics.Debug.WriteLine("This user is *NOT* member of that group");
return false;
}
}
Which is supposed to check if a user belongs to a certain group ("traveladmin"), but I'm getting
System.DirectoryServices.AccountManagement.PrincipalServerDownException
Any idea why and how to solve? by the way:
srvr = "LDAP://192.168.56.101/CN=Users,DC=estagioit,DC=local"
PS: I'm using the same srvr on another method and it's working and connecting.
PSS: If this is not the best way to go about this I'm open to suggestions.
Answer
The problem is how the "Principal Context" is written... it should be:
PrincipalContext thisPrincipalContext = new PrincipalContext(ContextType.Domain, "DCESTAGIO");
in this case.
If you look at the documentation for the PrincipalContext constructors, it should be quite clear:
public PrincipalContext(ContextType contextType, string name)
or
public PrincipalContext(ContextType contextType, string name, string container)
So you basically need:
- your context type (here:
ContextType.Domain) - the domain name (try just the "Netbios" name, e.g. "YOURDOMAIN" - or leave NULL for "default" domain)
- optionally a container (as an LDAP path - a "distinguished" name,
full path but without any
LDAP://prefix)
as seen in this answer.