none
Information about the domain could not be retrieved (1355) RRS feed

  • Question

  • Hello,

    I'm finishing up my program and just today I realized that I can't fetch the group on a domain non-member computer (everything works on a domain member computer) but only if the user is not inside the group, if the user is inside both groups there's no error, otherwise it crashes...

    This is the function:

            public bool[] IsUserGroupMember(string sUserName, string sGroupName, string sGroupName2)
            {
                UserPrincipal oUserPrincipal = GetUser(sUserName);
                GroupPrincipal oGroupPrincipal = GetGroup(sGroupName);
                GroupPrincipal oGroupSecundary = GetGroup(sGroupName2);
    
                if (oUserPrincipal != null && oGroupPrincipal != null && oGroupSecundary != null)
                {
                    return new bool[] {oUserPrincipal.IsMemberOf(oGroupPrincipal), oUserPrincipal.IsMemberOf(oGroupSecundary)};
                }
    
                return new bool[] {false};
            }


    This are the functions required by that function:

            public PrincipalContext GetPrincipalContext()
            {
                PrincipalContext oPrincipalContext = new PrincipalContext(ContextType.Domain, Dominio, stringAD, @Adminlogin, Adminpass);
                return oPrincipalContext;
            }
    
            public UserPrincipal GetUser(string sUserName)
            {
                PrincipalContext oPrincipalContext = GetPrincipalContext();
    
                UserPrincipal oUserPrincipal =
                    UserPrincipal.FindByIdentity(oPrincipalContext, sUserName);
                return oUserPrincipal;
            }
    
            public GroupPrincipal GetGroup(string sGroupName)
            {
                PrincipalContext oPrincipalContext = GetPrincipalContext();
    
                GroupPrincipal oGroupPrincipal =
                    GroupPrincipal.FindByIdentity(oPrincipalContext, sGroupName);
                return oGroupPrincipal;
            }

    A screenshot of the code: https://image.prntscr.com/image/T4Up24Q6ScKMGyGZz1-qjg.png

    As I said before, this works on a domain member computer...

    I can ping my domain, and I also have the domain poiting out to the machine IP on hosts file.

    The machine's firewall is disabled.

    I'm using VMware for the Windows Server 2012 R2 machine

    Does anyone have any idea?


    • Edited by Karbust Thursday, June 28, 2018 1:48 PM
    Thursday, June 28, 2018 1:09 PM

All replies

  • Hi Karbust,

    Thank you for posting here.

    For your question, please try to authenticate for Cross Domain Users. If you want to do cross Domain authentication, please use the Domain of user which you want to authenticate.

    Normally, we have two ways to authenticate user cross Domain. One is PrincipalContext. The other is DirectoryServices.

    You could download the source file from the code project and refer to the article.

    https://www.codeproject.com/Articles/608447/Directory-Authentication-for-Cross-Domain-Users-in

    Best Regards,

    Wendy


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Friday, June 29, 2018 2:48 AM
    Moderator
  • I'm validating the login using PrincipalContext:

            public PrincipalContext GetPrincipalContext()
            {
                PrincipalContext oPrincipalContext = new PrincipalContext(ContextType.Domain, Dominio, stringAD, ContextOptions.SimpleBind, @Adminlogin, Adminpass);
                return oPrincipalContext;
            }
    
            public bool Validarlogin(string sUserName, string sPassword)
            {
                PrincipalContext oPrincipalContext = GetPrincipalContext();
                return oPrincipalContext.ValidateCredentials(sUserName, sPassword);  
            }

    On Adminlogin and Adminpass I'm using the System Admin from Active Directory, the Administrator account.

    The ValidarLogin function uses an argument sUserName and sPassword that the client inputs on the textbox.

    Am I doing this right? Do I need to remove the users from the PrincipalContext function?

    Thanks for your answer

    Friday, June 29, 2018 12:34 PM