I have tested this in Visual Studio 2013 and it works fine, but after publishing to the web server, I get a 401 error. Here is the code, but I don't think its the issue. I think its the set up on the IIS server that I inherited, since it worked in Visual Studio using my user account. Users are able to login using active directory accounts and passwords on the published site, but when I try to add or remove the user programmatically in the AD group FIDO_Users is when I get the error. The update button is in a Telerik RadGrid FormTemplate, but I am just doing a OnClick from the RadButton to run the code below for AD Group updates. I have tried adding the IUSR to Active Directory since I am using Anonymous and Forms Authentication, but get the same result. What else am I missing?
protected void btnUpdate_OnClick(object sender, EventArgs e)
{
PrincipalContext ctx = new PrincipalContext(ContextType.Domain, "ducks.org");
Button btn = sender as Button;
RadTextBox rtxtb = btn.Parent.FindControl("UNameIDBox") as RadTextBox;
string txtb = rtxtb.Text;
UserPrincipal user = UserPrincipal.FindByIdentity(ctx, txtb);
GroupPrincipal groupadAdmin = GroupPrincipal.FindByIdentity(ctx, "FIDO_Users");
RadButton rbFind = btn.Parent.FindControl("rbOpen") as RadButton;
bool rbChekced = rbFind.Checked;
if (rbChekced)
{
if (!user.IsMemberOf(groupadAdmin))
{
groupadAdmin.Members.Add(user);
groupadAdmin.Save();
}
}
else
{
groupadAdmin.Members.Remove(user);
groupadAdmin.Save();
}
}