When using Sitecore Active Directory module, security may not be correctly resolved for AD users with a primary group that cannot be resolved via the current AD connection.
For example, this may happen for users from a trusted domain or from a container outside of the current connection scope.
The following exception would be found in the Sitecore logs:
ERROR Application error.
Exception: System.NullReferenceException
Message: Object reference not set to an instance of an object.
Source: LightLDAP
at LightLDAP.Helpers.DataHelper.GetInt(ISearchResult res, String propertyName)
at LightLDAP.MembershipResolver.GetUserPrimaryGroup(String userName)
at LightLDAP.SitecoreADRoleProvider.GetRolesForUser(String username)
at Sitecore.Security.SwitchingRoleProvider.GetRolesForUser(String userName)
To resolve the issue, apply the following patch:
<add name="ad" type="LightLDAP.Support.SitecoreADRoleProvider, Sitecore.Support.83252" .../>