Memory leaks when using DirectoryServices.AccountManagement

Question

We moved our web system to Windows authentication. After deploying it to production environment we faced memory leak. We defined it was paged pool memory leak (tag Toke) using poolmon.exe util. During recent modification we only added 2 following methods:

using System.DirectoryServices.AccountManagement;


private bool IsLoginValid(string login, string password)
{
    bool isValid = false;
    using (PrincipalContext pc = new PrincipalContext(ContextType.Domain, domainName))
    {
        isValid = pc.ValidateCredentials(login, password);
    }
    return isValid;
}

private bool isMemberOf(string login, string group)
{
    bool result = false;           
    using (PrincipalContext pc = new PrincipalContext(ContextType.Domain, domainName))
    {
        using (UserPrincipal user = UserPrincipal.FindByIdentity(pc, IdentityType.SamAccountName, login))
        {
            if (user != null)
            {
                result = user.IsMemberOf(pc, IdentityType.Name, group);
            }
        }
    }
    return result;
}

Please, help to identify the exact point of leaking and if possible provide with a workaround. Thank you.

Answer 1

Method UserPrincipal.FindByIdentity() has memory leak.

Answer 2

There is possibly a bug in the implementation of PrincipalContext and/or UserPrincipal causing failure to auto-dispose of an instance. I have seen this previously. You can easily confirm/fix this by replacing the using by a try-finally, as below.

PrincipalContext pc = new PrincipalContext(ContextType.Domain, domainName);
try
{
     isValid = pc.ValidateCredentials(login, password);
}
finally
{
     pc.Dispose();
}