PrincipalContext: Exception Details: System.DirectoryServices.DirectoryServicesCOMException: An operations error occurred

Question

I am trying to search AD for a user, but it keeps throwing an exception. The application is setup to use AppPool. and I am certain that the logged in user has access to search AD.

Code:

public static UserADInfoModel ResolveUserProperties(string sam)
        {
            UserADInfoModel uad = new UserADInfoModel();
            PrincipalContext DC = new PrincipalContext(ContextType.Domain, 
            "lm.lmig.com", "DC=lm,DC=lmig,DC=com,OU=LM Users");
            UserPrincipal userSearch = new UserPrincipal(DC);
            userSearch.SamAccountName = "(&(objectClass=user)(sam)";
            PrincipalSearcher search = new PrincipalSearcher();
            search.QueryFilter = userSearch;
            PrincipalSearchResult<Principal> res = search.FindAll();

stack trace:

[DirectoryServicesCOMException (0x80072020): An operations error occurred.
]
   System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail) +399003
   System.DirectoryServices.DirectoryEntry.Bind() +36
   System.DirectoryServices.DirectoryEntry.get_SchemaEntry() +35
   System.DirectoryServices.AccountManagement.ADStoreCtx.IsContainer(DirectoryEntry de) +47
   System.DirectoryServices.AccountManagement.ADStoreCtx..ctor(DirectoryEntry ctxBase, Boolean ownCtxBase, String username, String password, ContextOptions options) +116
   System.DirectoryServices.AccountManagement.PrincipalContext.CreateContextFromDirectoryEntry(DirectoryEntry entry) +143
   System.DirectoryServices.AccountManagement.PrincipalContext.DoLDAPDirectoryInit() +244

Source Error:

Line 45:             PrincipalContext DC = new PrincipalContext(ContextType.Domain, "lm.lmig.com", "DC=lm,DC=lmig,DC=com,OU=LM Users");
Line 46:             UserPrincipal userSearch = new UserPrincipal(DC);
Line 47:             userSearch.SamAccountName = "(&(objectClass=user)(sam)";
Line 48:             PrincipalSearcher search = new PrincipalSearcher();
Line 49:             search.QueryFilter = userSearch;

score 1 · Accepted Answer · answered Jan 31 '18 at 17:43

To me, the assignment of wrong values in PrincipalContext constructor and the value assigned to SamAccountName looks suspicious, and seems the possible cause of exception.

The DN should contain the path in reverse order, i.e., starting should be with an OU or CN when both OU and DC components are there. Also, SamAccountName value must be a string value which is valid.

Please try the following way:

 PrincipalContext DC = new PrincipalContext(ContextType.Domain, 
        "lm.lmig.com", "OU=LM Users,DC=lm,DC=lmig,DC=com");
 userSearch.SamAccountName = sam; // assuming sam is an actual possible string value.
 // sAMAccountName must be a string value as shown above, and not a filter type.
 PrincipalSearcher search = new PrincipalSearcher();
 search.QueryFilter = userSearch;
 PrincipalSearchResult<Principal> res = search.FindAll();

thanks! I'm pretty sure that worked. I'm not getting that particular error anymore. — Melaa, Jan 31 '18 at 18:54

PrincipalContext: Exception Details: System.DirectoryServices.DirectoryServicesCOMException: An operations error occurred

1 Answers1