C# – Getting UserPrincipal with Windows authentication and anonymous authentication on

.netasp.netc++iis-7.5userprincipal

The following code only works while only Windows Authentication is enabled in IIS for local users on our network.

using (PrincipalContext ctx = new PrincipalContext(ContextType.Domain))
{
     UserPrincipal up = UserPrincipal.FindByIdentity(ctx, userName);
     return up;
}

Otherwise it throws this exception:

[ArgumentException: The (&(objectCategory=user)(objectClass=user)(|(userPrincipalName=)(distinguishedName=)(name=))) search filter is invalid.]
System.DirectoryServices.ResultsEnumerator.MoveNext() +434305
System.DirectoryServices.SearchResultCollection.get_InnerList() +282
System.DirectoryServices.SearchResultCollection.get_Count() +9
System.DirectoryServices.AccountManagement.ADStoreCtx.FindPrincipalByIdentRefHelper(Type principalType, String urnScheme, String urnValue, DateTime referenceDate, Boolean useSidHistory) +1898
System.DirectoryServices.AccountManagement.ADStoreCtx.FindPrincipalByIdentRef(Type principalType, String urnScheme, String urnValue, DateTime referenceDate) +85
System.DirectoryServices.AccountManagement.Principal.FindByIdentityWithTypeHelper(PrincipalContext context, Type principalType, Nullable`1 identityType, String identityValue, DateTime refDate) +211
System.DirectoryServices.AccountManagement.UserPrincipal.FindByIdentity(PrincipalContext context, String identityValue) +95
WebApplication1.Index.GetUserPrincipal(String userName) in C:\Users\xxx\Documents\Visual Studio 2010\Projects\WebApplication1\WebApplication1\Index.aspx.cs:38
WebApplication1.Index.Page_Load(Object sender, EventArgs e) in C:\Users\xxx\Documents\Visual Studio 2010\Projects\WebApplication1\WebApplication1\Index.aspx.cs:19
System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +25
System.Web.UI.Control.LoadRecursive() +71
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +3064

Is there any way of getting this to work for getting our local users UserPrincipal while Windows and Anonymous authentication are both turned on?

Best Solution

userName must be an empty string (or in some other way, entirely composed of whitespace), and apparently it's not validated by FindByIdentity.