I am working with PrincipalContext in the code behind a WCF service. The WCF service impersonates the caller to provide end-to-end authentication.
While everything else that I do in Active Directory (mainly in the System.DirectoryServices.Protocols namespace) works fine in this scenario, for some reason the classes in System.DirectoryServices.AccountManagement throw a fit. Sample code that fails:
PrincipalContext context = new PrincipalContext(ContextType.Domain, domainName);
UserPrincipal user =
UserPrincipal.FindByIdentity(context, IdentityType.SamAccountName, UserName);
When I make the call to FindByIdentity, I get a COMException: "An operational error has occurred." Calls on the PrincipalContext itself also fail, for example:
string server = context.ConnectedServer;
Both OperationContext.Current.ServiceSecurityContext and Thread.CurrentPrincipal.Identity show that impersonation works correctly. And, as I said, other AD tasks in S.DS.P work fine.
If I explicitly set the credentials in PrincipalContext, everything works. For instance:
PrincipalContext context =
    new PrincipalContext(ContextType.Domain, domainName, bindUser, bindPassword);
UserPrincipal user =
    UserPrincipal.FindByIdentity(context, IdentityType.SamAccountName, UserName);
Now everything works. But I will not know the caller's username and password; I have to rely on impersonation.
Any ideas on what will cause the problem I am seeing?
Thanks in advance! James
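A diagnostic wrapper for the scenario in the question, added here as an example and not code from the original post: it runs the same FindByIdentity call and records the thread token's identity, authentication type and ImpersonationLevel next to any COMException, so the impersonated path and the explicit-credential path can be compared in the service log. It assumes the operation is marked with ImpersonationOption.Required and that domainName and the target sAMAccountName are supplied by the caller; it does not claim a root cause.

```csharp
// Added diagnostic example (not from the original post). Runs the lookup
// under whatever token the current thread holds (the impersonated caller
// inside an impersonating WCF operation) and reports token details and
// the outcome as one log line.
// Assumed: the service method is attributed with
// [OperationBehavior(Impersonation = ImpersonationOption.Required)].
using System;
using System.DirectoryServices.AccountManagement;
using System.Runtime.InteropServices;
using System.Security.Principal;

public static class PrincipalLookupDiagnostics
{
    public static string Describe(string domainName, string samAccountName)
    {
        // WindowsIdentity.GetCurrent() reflects the thread token, so under
        // impersonation this is the caller, not the service account.
        WindowsIdentity id = WindowsIdentity.GetCurrent();
        string tokenInfo = string.Format(
            "token={0} auth={1} level={2}",
            id.Name, id.AuthenticationType, id.ImpersonationLevel);

        try
        {
            // Negotiate + Sealing + Signing is the default for ContextType.Domain;
            // it is spelled out so the log shows which options were in effect.
            using (var ctx = new PrincipalContext(
                ContextType.Domain, domainName,
                ContextOptions.Negotiate | ContextOptions.Sealing | ContextOptions.Signing))
            using (UserPrincipal up = UserPrincipal.FindByIdentity(
                ctx, IdentityType.SamAccountName, samAccountName))
            {
                return tokenInfo
                    + " result=" + (up == null ? "not found" : up.DistinguishedName)
                    + " server=" + ctx.ConnectedServer;
            }
        }
        catch (COMException ex)
        {
            // HRESULT 0x80072020 is ERROR_DS_OPERATIONS_ERROR, the code behind
            // the "operations error" message reported in the question.
            return tokenInfo + " COMException hr=0x"
                + ex.ErrorCode.ToString("X8") + " " + ex.Message;
        }
        catch (PrincipalServerDownException ex)
        {
            return tokenInfo + " server unreachable: " + ex.Message;
        }
    }
}
```

Call Describe once from the impersonating operation and once from a context created with explicit credentials; if the token line differs in ImpersonationLevel or AuthenticationType between the two runs, that difference is the first thing to examine.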