I’m trying to validate user credentials in a C# application using a .NET API, System.DirectoryServices.AccountManagement.PrincipalContext.ValidateCredentials().
ValidateCredentials() creates the connection to the server and validates the specified credentials if the connection is successful.
This method works perfectly fine on a normal Windows machine. When I try this in a Docker container, I get the error below:
```
System.DirectoryServices.AccountManagement.PrincipalOperationException: The network location cannot be reached. For information about network troubleshooting, see Windows Help.
 ---> System.Runtime.InteropServices.COMException: The network location cannot be reached. For information about network troubleshooting, see Windows Help.
   at System.DirectoryServices.AccountManagement.UnsafeNativeMethods.IADs.Get(String bstrName)
   at System.DirectoryServices.AccountManagement.CredentialValidator.BindSam(String target, String userName, String password)
   --- End of inner exception stack trace ---
   at System.DirectoryServices.AccountManagement.CredentialValidator.BindSam(String target, String userName, String password)
   at System.DirectoryServices.AccountManagement.CredentialValidator.Validate(String userName, String password)
   at System.DirectoryServices.AccountManagement.PrincipalContext.ValidateCredentials(String userName, String password)
```
Steps to Reproduce –
Here is my C# console application -
```csharp
using System;
using System.DirectoryServices.AccountManagement;
using System.Net;

namespace TestPC
{
    class Program
    {
        static void Main(string[] args)
        {
            // Default to the local machine account store
            ContextType contextType = ContextType.Machine;
            string domain = args[0];
            string user = args[1];
            string password = args[2];
            try
            {
                if (domain == "." || (string.Compare(domain, System.Net.Dns.GetHostName(), true) == 0))
                {
                    // "." or the local host name: validate against the local machine
                    domain = Dns.GetHostName();
                }
                else
                {
                    // anything else is treated as a domain name
                    contextType = ContextType.Domain;
                }
                Console.WriteLine("contextType = {0}, domain = {1}", contextType, domain);
                PrincipalContext pc = new PrincipalContext(contextType, domain);
                bool isValid = pc.ValidateCredentials(user, password);
            }
            catch (Exception ex)
            {
                Console.WriteLine("Message = {0}", ex.Message);
                Console.WriteLine("Stack Trace = {0}", ex.StackTrace);
                Console.WriteLine("Inner Exception = {0}", ex.InnerException);
            }
        }
    }
}
```
It takes 3 arguments -
- Domain - You can either pass ‘localhost’ or ‘.’ - Internally Docker maps this to the container ID
- User - It can be any user in the container
- Password - Password for the user
This console application should be run as admin.
If I try to run this in a container, I get the above ‘network location not found’ error. But it works fine on the Windows Server host machine.
HOST OS Version - Windows Server 2019 Datacenter, OS Build - 17763.914
Container Base OS - mcr.microsoft.com/windows/servercore:10.0.17763.914
Docker version 19.03.12, build 4306744