Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
UserPrincipal.GetGroups throws exception if user distinguishedName has a slash #29090
For AD user objects that have a forward slash in the distinguished name,
The forward slash might be in the CN of the object, or in any OU in the path of the DN, for example:
Here is the test code:
The problem seems to be line 1218 of ADStoreCtx.cs:
This is putting the distinguished name into an LDAP path without escaping the slashes in the DN. I enabled debugging for .NET code, and after that line, I changed the
There may be other places in the code where this should be taken into account as well: anywhere that a distinguished name is being dropped into an LDAP path, like possibly line 1830 in that same file (although I haven't tested that - I just searched the file for "://"). Maybe elsewhere too.
This is a bug in the full .NET Framework too, but I'm not sure where to report bugs for the full framework. If you can let me know, I don't mind reporting there too.
This came from a question in StackOverflow: https://stackoverflow.com/questions/49805255/0x80005000-unknown-error-on-userprincipal-getgroups-with-special-characters-in-o/49816959