We are excited to announce that the IIS.NET Forums are moving to the new Microsoft Q&A experience. Learn more >

DirectorySearcher wired behavior "server is not operational" RSS

5 replies

Last post Jun 09, 2020 02:00 PM by AmitBarkai

  • DirectorySearcher wired behavior "server is not operational"

    Jun 02, 2020 07:30 AM|AmitBarkai|LINK

    Hi All

    i'm experiencing very wired behavior while using the DirectorySearcher class throwing  "Server is not operational"  exception

    while trying to get groups for LDAPs. ( this is a web application using .net 4.5)

    there are 2 call the the LDAP :

    1.getting the domain controllers - works always

    2.getting the domain groups - which fails for some customers

    this is code sample the runs for getting the ldap groups

    using (DirectoryEntry entry = new DirectoryEntry("LDAP://thedomain.com:636/dc=thedomain,dc=com", directory.LdapBindUser, directory.LdapBindPassword))
    {
    string filter = "(&(objectClass=group))";
    using (DirectorySearcher searcher = new DirectorySearcher(entry, filter))
    {
    foreach (SearchResult result in searcher.FindAll())
    {
    }
    }

    i've also created a console application , that runs on the same machine using the same code and the it worked !

    so my only guess it might be related the the IIS or a missing web.config value that prevent the application from blocking the response.

  • Re: DirectorySearcher wired behavior "server is not operational"

    Jun 03, 2020 03:23 AM|Yuk Ding|LINK

    Hi AmitBarkai,

    Could you post stack trace in your event viewer application log? Please try to set the application pool identity to local system. Maybe operation was isolated for some reason.

    Best Regards,

    Jokies Ding

    Yuk Ding

    MSDN Community Support
    Please remember to "Mark as Answer" the responses that resolved your issue.
  • Re: DirectorySearcher wired behavior "server is not operational"

    Jun 08, 2020 07:27 AM|AmitBarkai|LINK

    would like to add an important update regarding this issue.

    it seems that the first attempt to run group query using works !.

    meaning after doing an iisrest , ldap group query works.

    after 120 secounds.

    things stopped working .

    is there any reason to this wired behavior ?

  • Re: DirectorySearcher wired behavior "server is not operational"

    Jun 09, 2020 09:35 AM|Yuk Ding|LINK

    Hi AmitBarkai,

    Did you receive any exception in event viewer application log?

    Best Regards,

    Jokies Ding

    Yuk Ding

    MSDN Community Support
    Please remember to "Mark as Answer" the responses that resolved your issue.
  • Re: DirectorySearcher wired behavior "server is not operational"

    Jun 09, 2020 09:45 AM|AmitBarkai|LINK

    no , there was not exception in the event viewer

    no , exception in the iis logs.

    another progress we made today which raise a question if there is an issue with the session 

    the DirectorySearcher creates with the ldap

    meaning .

    is there any way / known bug the the dispose of directorysearcher doesn't really dispose the objects

    and the session is still kept ?

    please note i've used a using statement so i would expect the dispose to be called at the end of the using section

    and when calling the group query again a new session will be created 

  • Re: DirectorySearcher wired behavior "server is not operational"

    Jun 09, 2020 02:00 PM|AmitBarkai|LINK

    i now have another step with understanding my issue

    after calling the code mentioned above
    i could see after running netstat on the ldap machine  ( netstat -nat | findstr my_ip_address | findstr :389 )
    i could see the connection stays established even when the using section is done

    TCP LDAP_IP:389 MY_IP:24730 ESTABLISHED InHost

    i could see there is another parameter authentication type , by default Secure
    when using my code this way the connection is disposed after the using section
    ```

    using (var directoryEntry = new DirectoryEntry(
    directoryPath,
    ConfigurationManager.AppSettings["ldapUsername"],
    ConfigurationManager.AppSettings["ldapPassword"],
    AuthenticationTypes.Anonymous))
    {

    }
    ```

    is there any reason why the TCP session is kept after the using section is done ? 

    is there a commandeered AuthenticationType ?