In the case that I'm getting groups for a UserPrincipal identity (in an Active Directory role provider), and I use the UserPrincipal.GetGroups() function that does not require a PrincipalContext as a parameter, what does it default to using for the PrincipalContext? I ask because, in troubleshooting an issue, I'm seeing it connect to a different AD server that is not the connected server for my PrincipalContext. Some code as an example:
    using ( PrincipalContext context = new PrincipalContext( ContextType.Domain, "domain", null, ContextOptions.Negotiate ) )
    {
        UserPrincipal identity = UserPrincipal.FindByIdentity( context, IdentityType.SamAccountName, username );
        if (identity != null)
        {
            var groupList = identity.GetGroups();
        }
    }
If I output context.ConnectedServer, I get a valid active server. However, identity.GetGroups() appears to connect to a different server (in my case, it's throwing a System.DirectoryServices.ActiveDirectory.ActiveDirectoryServerDownException because it's connecting to an old server). If I instead use identity.GetGroups(context), the groups are correctly returned. Why does calling GetGroups without a PrincipalContext cause it to default to connecting to a different server?