Home/ Questions/Q 8087631
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-05T18:50:23+00:00

I’m developing an MVC application and I have a routine that gets the currently

  • 0

I’m developing an MVC application and I have a routine that gets the currently logged on users password info and it works fine on my PC but when I publish my application to a live server on the domain, I don’t seem to be able to gain access to the AD information. I have used very similar code in a currently running asp.net web application and it works just fine. I compared security settings on both applications and they look identical. Here is the routine:

 public int GetPasswordExpiration()
    {
        PrincipalContext domain = new PrincipalContext(ContextType.Domain);
        string currUserName = WindowsIdentity.GetCurrent().Name;
        UserPrincipal currLogin = UserPrincipal.FindByIdentity(domain, currUserName);
        DateTime passwordLastSet = currLogin.LastPasswordSet.Value; //here is where it chokes***
        int doyPasswordSet = passwordLastSet.DayOfYear;
        int doy = DateTime.Today.DayOfYear;
        int daysSinceLastset = (doy - doyPasswordSet);
        int daysTilDue = (120 - daysSinceLastset);
        return (daysTilDue);

    }

I am an administrator on the domain so I think I have an application permissions issue, but since the failing application has the same permissions as the working application, I’m not sure where to look next. Any help is appreciated.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I’m answernig my own question because I want to post the code that works. Wiktor Zychla nailed it when asking if WindowsIdentity.GetCurrent().Name applied to the identity of the application pool rather than the logged in user. As a matter of fact it did, thanks Wiktor!

    Here is the modified code that works. I did change the way I got the users identity (explained why below).

    Controller Code:

    using MyProject.Utilities;  // Folder where I created the CommonFunctions.cs Class

var cf = new CommonFunctions();
string user = User.Identity.Name;
ViewBag.PasswordExpires = cf.GetPasswordExpiration(user);

    Code in CommonFunctions

    public int GetPasswordExpiration(string user)
    {
        PrincipalContext ctx = new PrincipalContext(ContextType.Domain);
        UserPrincipal currLogin = UserPrincipal.FindByIdentity(ctx, user);
        DateTime passwordLastSet = currLogin.LastPasswordSet.Value;
        int doyPasswordSet = passwordLastSet.DayOfYear;
        int doy = DateTime.Today.DayOfYear;
        int daysSinceLastset = (doy - doyPasswordSet);
        int daysTilDue = (120 - daysSinceLastset);
        return (daysTilDue);

    }

    The one thing that clued me in was that I decided to just run all the code in my controller and when I did, I got a red squiggly saying “The name WindowsIdentity does not exist in this context”:

    string currUserName = WindowsIdentity.GetCurrent().Name;

    Also, the reason I retrieved User.Identity.Name in the Controller and passed it to the function is because once I got things working and wanted to thin out my controller, I tried to get User.Identity.Name in the function but I got another red squiggly with the same message under User in this line:
    string user = User.Identity.Name;
    So I figure this is a .net thing and just went with getting the User.Identiy.Name in the controller, pass it to the function and all is well. This one really tested my patience and I hope this post can help someone else.

    • 0