UserPrincipal.GetGroups throws exception if user distinguishedName has a slash #25887
For AD user objects that have a forward slash in the distinguished name,
The forward slash might be in the CN of the object, or in any OU in the path of the DN, for example:
Here is the test code:
The problem seems to be line 1218 of ADStoreCtx.cs:
This is putting the distinguished name into an LDAP path without escaping the slashes in the DN. I enabled debugging for .NET code, and after that line, I changed the
There may be other places in the code where this should be taken into account as well: anywhere that a distinguished name is being dropped into an LDAP path, like possibly line 1830 in that same file (although I haven't tested that - I just searched the file for "://"). Maybe elsewhere too.
This is a bug in the full .NET Framework too, but I'm not sure where to report bugs for the full framework. If you can let me know, I don't mind reporting there too.
This came from a question in StackOverflow: https://stackoverflow.com/questions/49805255/0x80005000-unknown-error-on-userprincipal-getgroups-with-special-characters-in-o/49816959
The text was updated successfully, but these errors were encountered:
No, it hasn't been fixed yet.
As an alternative, you can get a user's groups using