Error with UserPrincipal GetAuthorizationGroups

Error1: An operations error occurred.

Error2: While trying to retrieve the authorization groups, an error (110) occurred.

    public static bool CheckGroupMembership(string userID, string groupName, string domain)
    {
        bool isMember = false;

        // Get an error here, so then I use my username/password and it works...
        PrincipalContext ADDomain = new PrincipalContext(ContextType.Domain, domain);

        UserPrincipal oUserPrincipal = UserPrincipal.FindByIdentity(ADDomain, userID);

        PrincipalSearchResult<Principal> oPrincipalSearchResult = oUserPrincipal.GetAuthorizationGroups(); //<-- Error is here:

        foreach (Principal oResult in oPrincipalSearchResult)
        {
            if (oResult.Name.ToLower().Trim() == groupName.ToLower().Trim())
            {
                isMember = true;
            }
        }
        return isMember;
    }

This all works when I am debugging on the same machine; it is only failing when I am pulling up the web page from a remote server.

There is 1 best solution below

Here is what I did.

Because I wanted the DLL to remain separated and independent from SharePoint, I added this in the SharePoint call for the methods that require this...

    SPSecurity.RunWithElevatedPrivileges(delegate()
    {
        // .... method goes here ....
    });

In the DLL file it is calling I added this:

    // Requires: using System.Collections.Generic; using System.DirectoryServices.AccountManagement;
    private static bool UserHasPermisions(string userAccount, List<string> list)
    {
        bool userHasPermisions = true; 

        if (list != null && list.Count > 0)
        {
            userHasPermisions = false;

            foreach (string item in list)
            {
                if (CheckGroupMembership(userAccount, item, "domain.local goes here..."))
                {
                    userHasPermisions = true;
                }
            }
        }

        return userHasPermisions;
    }


    public static bool CheckGroupMembership(string userID, string groupName, string domain)
    {
        bool isMember = false;

        try
        {
            // The domain parameter is unused here; the context comes from GetPrincipalContext().
            using (PrincipalContext ADDomain = GetPrincipalContext())
            {
                UserPrincipal oUserPrincipal = UserPrincipal.FindByIdentity(ADDomain, userID);

                PrincipalSearchResult<Principal> oPrincipalSearchResult = oUserPrincipal.GetAuthorizationGroups();

                foreach (Principal oResult in oPrincipalSearchResult)
                {
                    if (oResult.Name.ToLower().Trim() == groupName.ToLower().Trim())
                    {
                        isMember = true;
                    }
                }
            }
        }
        catch { } // Any lookup failure (including an unknown user) leaves isMember false.

        return isMember;
    }

    private static PrincipalContext GetPrincipalContext()
    {
        string domain = "your local domain";
        string defaultOU = "DC=domain here,DC=local";
        string serviceUser = @"domain here\read only system account";
        string servicePassword = @"password goes here";

        PrincipalContext oPrincipalContext = new PrincipalContext(ContextType.Domain, domain, defaultOU, ContextOptions.SimpleBind, serviceUser, servicePassword);

        return oPrincipalContext;
    }

I didn't like to go this route, but in order to keep the DLL independent I had to.
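
A hardened variant of the answer's `CheckGroupMembership` / `GetPrincipalContext` pair, added here as an example and not part of the original answer: it takes the service account from the environment instead of the source, binds with Negotiate plus signing and sealing rather than a plain `SimpleBind`, matches the group by SID, and logs failures while still denying. The class name, the method name and the `AD_LOOKUP_USER` / `AD_LOOKUP_PASSWORD` variable names are assumptions.

```csharp
using System;
using System.Diagnostics;
using System.DirectoryServices.AccountManagement;

public static class AdGroupCheck // hypothetical name, not from the original post
{
    public static bool IsInGroup(string domain, string container, string userId, string groupName)
    {
        // Assumed variable names; provision them for the process identity, not in source control.
        string user = Environment.GetEnvironmentVariable("AD_LOOKUP_USER");
        string password = Environment.GetEnvironmentVariable("AD_LOOKUP_PASSWORD");
        if (string.IsNullOrEmpty(user) || string.IsNullOrEmpty(password))
            throw new InvalidOperationException("Directory lookup credentials are not configured.");

        // SimpleBind without SecureSocketLayer sends the password in clear text;
        // Negotiate with signing and sealing protects both the bind and the query traffic.
        ContextOptions options = ContextOptions.Negotiate | ContextOptions.Signing | ContextOptions.Sealing;

        try
        {
            using (var context = new PrincipalContext(ContextType.Domain, domain, container, options, user, password))
            using (UserPrincipal account = UserPrincipal.FindByIdentity(context, userId))
            using (GroupPrincipal group = GroupPrincipal.FindByIdentity(context, groupName))
            {
                if (account == null || group == null || group.Sid == null)
                    return false; // unknown user or group: deny

                using (PrincipalSearchResult<Principal> groups = account.GetAuthorizationGroups())
                {
                    foreach (Principal candidate in groups)
                    {
                        // Compare SIDs, not names, so a same-named group elsewhere cannot match.
                        if (group.Sid.Equals(candidate.Sid))
                            return true;
                    }
                }
                return false;
            }
        }
        catch (Exception ex)
        {
            // Deny on any directory error, but leave a trace instead of swallowing it.
            Trace.TraceError("AD group lookup failed: {0}", ex);
            return false;
        }
    }
}
```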