访问域服务器修改密码，报“未知的身份验证机制”的错误搞定！

C# AD编程问题。访问域服务器修改密码，报“未知的身份验证机制”的错误。

The authentication mechanism is unknown
The authentication mechanism is unknown [Active Directory, Asp.Net]
http://blogs.devhorizon.com/blogs/reza_on_blogging/archive/2006/05/24/408.aspx
Replace code:
DirectoryEntry adSharepointUsers = new DirectoryEntry("LDAP://mydomain","ADUser","password");
To code:
DirectoryEntry adSharepointUsers = new DirectoryEntry("LDAP://MyDomain","MyDomain/ADUser","password");

or To Code:<-----------------搞定 ;-）
DirectoryEntry adSharepointUsers = new DirectoryEntry("LDAP://MyDomain","ADUser@MyDomain","password");

代码：
2

private static SearchResultCollection _ADHelper(string domainADsPath, string username, string password, string schemaClassNameToSearch)
4

{
5

DirectorySearcher searcher = new DirectorySearcher();
6

// DirectoryEntry entry = new DirectoryEntry(domainADsPath);
7

// DirectorySearcher searcher = new DirectorySearcher(entry);
8

searcher.SearchRoot = new DirectoryEntry(domainADsPath, username, password);
9

//searcher.SearchRoot = new DirectoryEntry(domainADsPath);//, username, password);
10

searcher.Filter =( "(objectClass=" + schemaClassNameToSearch + ")");
12

searcher.SearchScope = SearchScope.Subtree;
13

searcher.Sort = new SortOption("name",System.DirectoryServices.SortDirection.Ascending);
14

searcher.PageSize = 512;
15

searcher.PropertiesToLoad.AddRange(new string[] { "name", "Path", "displayname", "samaccountname", "mail" });
16

SearchResultCollection results = searcher.FindAll();
17

return results;
18

}
19

网上收集的其他解决方案，虽然对我这个问题没有搞定，放到这吧，以备查阅

我见有位大虾说是这个原因，但没给出解决方法。开发AD验证程序时,需要有一个能连接到AD中的超级用户,即DirectoryEntry(ldap, user, password);如果不是在域服务器上直接开发,则开发调试时需要指定一个域中的管理员用户,但程序发布到DC上之后,则需要将此用户的连接信息去掉,因为DC上的ASPNET用户可能已经在管理员组中,这样会造成连接上的冲突,可能会报"未知的身份验证机制"(The authentication mechanism is unknown.)

给出解决代码，立即给分！！！代码如下。
public   static   DirectoryEntry   GetUser(DirectoryEntry   de,string   UserName)
{
try
{
//create   an   instance   of   the   DirectoryEntry
DirectoryEntry   de   =   DirectoryEntry(rootPath,username,password);
//create   instance   of   the   direcory   searcher
DirectorySearcher   deSearch   =   new   DirectorySearcher();
deSearch.SearchRoot   =de;
//set   the   search   filter
deSearch.Filter   =   "(&(objectClass=user)(objectCategory=person)(sAMAccountName="   +   UserName   +   "))";
deSearch.SearchScope   =   SearchScope.Subtree;
//find   the   first   instance
SearchResult   results=   deSearch.FindOne();

//if   found   then   return,   otherwise   return   Null
if(results   !=null)
{
de=   new   DirectoryEntry(results.Path,username,password,AuthenticationTypes.Secure);
//if   so   then   return   the   DirectoryEntry   object
return   de;
}
else
{
return   null;
}
}
catch(Exception   ex)
{
return   null;
}
}


我见有位大虾说是这个原因，但没给出解决方法。开发AD验证程序时,需要有一个能连接到AD中的超级用户,即DirectoryEntry(ldap,   user,   password);如果不是在域服务器上直接开发,则开发调试时需要指定一个域中的管理员用户,但程序发布到DC上之后,则需要将此用户的连接信息去掉,因为DC上的ASPNET用户可能已经在管理员组中,这样会造成连接上的冲突,可能会报"未知的身份验证机制"(The   authentication   mechanism   is   unknown.)

因为windows application 是直接在本地运行的，没有权限问题，用aspx 运行就会涉及到权限问题了，你可以在iis 中将权限设置为用windows 集成认证，试试，具体的ad 操作我也没做过，呵呵