
DirectoryServicesCOMException 80072020 From IIS 7.5 Site Running Under ApplicationPoolIdentity


I'm having trouble hunting down an issue where an ASP.NET 4 application fails while trying to get user groups for a given user from time to time. The application pool associated with this application is set up to run under ApplicationPoolIdentity.

Exception Info

    System.DirectoryServices.DirectoryServicesCOMException
    HRESULT: 80072020
    Message: An operations error occurred.
    Extended Message: 000004DC: LdapErr: DSID-0C0906E8, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v1db1

Stack Trace

    System.DirectoryServices.DirectoryEntry.Bind(Boolean) 
    System.DirectoryServices.DirectoryEntry.Bind() 
    System.DirectoryServices.DirectoryEntry.get_AdsObject() 
    System.DirectoryServices.DirectorySearcher.FindAll(Boolean) 
    System.DirectoryServices.DirectorySearcher.FindOne() 

95%-99% of the time, this function works fine, but from time to time, it just starts failing. When I change the application pool to use LocalSystem or NetworkService, it starts working. When I change back to ApplicationPoolIdentity it begins failing again. The only way to get the site working again with ApplicationPoolIdentity is to reboot the server.

I was able to find a similar issue here, but the resolution was a reboot as well. I'd like to find a more permanent solution short of changing the identity of the application pool.


Solution

  • While a reboot will resolve the issue temporarily, there is a Microsoft hotfix KB2545850 that offers a permanent fix to the issue.