1

ユーザーが次のようなグループのメンバーであるかどうかを確認しようとしています。

if (conditionalGroup != null)
            {
                if (!currentUser.IsMemberOf(conditionalGroup))
                {
                    _logger.Debug("Adding user to Specific group.");
                    conditionalGroup.Members.Add(currentUser);
                    conditionalGroup.Save();
                }

                conditionalGroup.Dispose();
            }

ただし、これでは失敗します。An error (1789) occurred while enumerating the group membership. The member's SID could not be resolved.

このグループは、ローカルマシンのUsersグループです。IIS_IUSRSグループでも同じことを行いますが、それで問題ありません。これは今日私のビルドマシンで始まったばかりで、以前からずっと機能していました。これはバグですか、それとも私は何か間違ったことをしていますか?

これが私がユーザーを作成する方法です:

pc = new PrincipalContext(ContextType.Machine); currentUser = UserPrincipal.FindByIdentity(pc、u.UserName);

            if (currentUser == null)
            {
                currentUser = new UserPrincipal(pc)
                    {
                        Name = u.UserName,
                        Description = u.UserDescription,
                        UserCannotChangePassword = false,
                        PasswordNeverExpires = true
                    };

                currentUser.SetPassword(u.UserPassword);
                currentUser.Save();
            }
4

1 に答える 1

2

On Windows, you usually see all users and groups with their names. But. sometimes occassionally you find a user or group that is displayed not by name, but by it's SID. This happens when the System find an entry that claims to refer to such ID, but the ID is not registered or not found in the System's name table/database.

The easiest way to see that is to borrow someone's pendrive with NTFS partition on it and some user-files created on remote machine that has different accounts. Browse, rightclick, see Permissions, voila lots of SIDs.

Start with inspecting your group that 'fails', ie. in SystemTools there's an applet ComputerManagement where you can browse most of the User and Groups registrations. View that Group, see its members and check if all of them are seen by-name, and none by "S-1-5..." number. If you find numeric one, try checking the classification support.microsoft.com/kb/243330 - maybe you will guess how that user got added there and why he is unnamed.

Anyways, which line of that code fails actually? IsMemberOf or Members.Add or Save?

于 2012-08-17T13:50:01.603 に答える