
I have an MVC5 web app that I utilize the following to obtain current user info. I have enabled windows login for the web app on IIS.

private readonly string _userName = UserPrincipal.Current.DisplayName;

item.CreatedBy = _userName;

This works when running the app on my development machine, however when I publish to IIS, it throws exceptions:

The (&(objectCategory=user)(objectClass=user)(|(userPrincipalName=)(distinguishedName=)(name=))) search filter is invalid.

How do I get this to work on the IIS server to correctly obtain user info?

BTW - I've also tried this:

private readonly PrincipalContext ctx = new PrincipalContext(ContextType.Domain);

var user = UserPrincipal.FindByIdentity(ctx, User.Identity.Name);

item.CreatedBy = user.DisplayName;

but to no avail.

CodeNotFound
Drew Jackson

2 Answers


This may be what you mean by "I have enabled windows login for the web app on IIS", but confirm that you have Windows Authentication enabled on IIS itself. Details on what's going wrong in your "to no avail" case may also be helpful.

RyeBread
  • Seems similar to https://stackoverflow.com/questions/14340045/userprincipal-object-active-directory-query-directoryservicescomexception. Impersonating a specific domain account with correct access or changing the app pool identity should rule out a permissions issue. – RyeBread Jun 06 '18 at 16:22
  • I tried setting the app pool identity as NetworkService, and also tried an actual domain admin account, same error. – Drew Jackson Jun 06 '18 at 16:42
  • I was going to suggest turning impersonation off for the attempt at setting the app pool identity to network service. – RyeBread Jun 06 '18 at 16:49
  • Currently, impersonation is off, and app pool identity is set to NetworkService. The same error as in the original post pops up. – Drew Jackson Jun 06 '18 at 16:53
  • Using 'item.CreatedBy = User.Identity.Name;' throws a different error stating that my model is not valid. – Drew Jackson Jun 06 '18 at 17:18

Looks like anonymous authentication was still enabled on the Default Web Site in IIS. I disabled it, and now it works with the following code:

private readonly PrincipalContext ctx = new PrincipalContext(ContextType.Domain);

var user = UserPrincipal.FindByIdentity(ctx, User.Identity.Name);

item.CreatedBy = user.DisplayName;
Drew Jackson
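
The fix in the answer above lives in IIS configuration, so a later site or server change can bring the failing lookup back. As an added example (not code from the question or the answers), here is a helper that refuses to query Active Directory when the request carries no authenticated identity; the class and method names are hypothetical, and the explanation of the empty filter is an inference from the error text in the question.

```csharp
using System;
using System.DirectoryServices.AccountManagement;
using System.Security.Principal;

// Added example: hypothetical helper, not part of the original post.
public static class CurrentUserLookup
{
    // Returns the AD display name for the authenticated caller.
    // Call it from inside a controller action, for example:
    //   item.CreatedBy = CurrentUserLookup.GetDisplayName(User.Identity);
    public static string GetDisplayName(IIdentity identity)
    {
        // When Anonymous Authentication is enabled the request can arrive
        // with an empty identity name, which is consistent with the empty
        // userPrincipalName/distinguishedName/name values in the search
        // filter quoted in the question. Fail early with a clear message
        // instead of letting the directory query throw.
        if (identity == null
            || !identity.IsAuthenticated
            || string.IsNullOrWhiteSpace(identity.Name))
        {
            throw new UnauthorizedAccessException(
                "Request is not Windows-authenticated; check that Anonymous " +
                "Authentication is disabled and Windows Authentication is " +
                "enabled for this site in IIS.");
        }

        // PrincipalContext and UserPrincipal wrap directory connections,
        // so dispose them once the lookup is done.
        using (var ctx = new PrincipalContext(ContextType.Domain))
        using (var user = UserPrincipal.FindByIdentity(ctx, identity.Name))
        {
            // FindByIdentity returns null when no account matches; fall
            // back to the raw login name (DOMAIN\user) rather than
            // dereferencing null.
            if (user == null || string.IsNullOrEmpty(user.DisplayName))
            {
                return identity.Name;
            }
            return user.DisplayName;
        }
    }
}
```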