SPWeb.EnsureUser Method throws Access Denied Error

According to Microsoft, SPWeb.EnsureUser  Checks whether the specified login name belongs to a valid user of the Web site, and if the login name does not already exist, adds it to the Web site.

Well, this will not work in an environment where you have membershipprovider enabled. to get around this issue please use the following code. 


#region Add user to a group
        /// <summary>
        /// addUserToGroup
        /// </summary>
        /// <param name="groupName"></param>
        /// <param name="userLoginName"></param>
        public void addUserToGroup(string groupName, string userLoginName)
        {
            SPSite site = new SPSite(RootWebUrl);
            SPWeb web = site.OpenWeb();
            try
            {
                SPSecurity.RunWithElevatedPrivileges(delegate()
                          {
                              web.AllowUnsafeUpdates = true;
                              SPUser spUser = web.AllUsers[userLoginName];

                              if (spUser != null)
                              {
                                  SPGroup spGroup = web.Groups[groupName];
                                  if (spGroup != null)
                                      spGroup.AddUser(spUser);
                              }
                          });
            }
            catch (Exception ex)
            {
                ErrorLogger.LogFeatureError("Error Adding user to SharePoint Group: " + groupName + " Name: " + userLoginName, ex);
            }
            finally
            {
                web.AllowUnsafeUpdates = false;
                site.Close();
                web.Close();
            }
        }
        #endregion



 #region Create user
        /// <summary>
        /// CreateUser - Create a SharePoint User and assign role
        /// </summary>
        /// <param name="strLoginName"></param>
        /// <param name="strEMail"></param>
        /// <param name="strName"></param>
        /// <param name="strNotes"></param>
        /// <param name="strSiteURL"></param>
        /// <returns></returns>
        private SPUser CreateUser(string strLoginName, string strEMail,
                    string strName, string strNotes, string strSiteURL)
        {

            SPUser spReturn = null;
            SPSite spSite = null;
            SPWeb spWeb = null;

            try
            {
                //Open the SharePoint site
                spSite = new SPSite(RootWebUrl);
                spWeb = spSite.OpenWeb();

                SPSecurity.RunWithElevatedPrivileges(delegate()
                       {

                           spWeb.AllowUnsafeUpdates = true;
                           spWeb.SiteUsers.Add(strLoginName, strEMail, strName, strNotes);
                           //Update site
                           spWeb.Update();
                           spReturn = spWeb.AllUsers[strLoginName];
                       });
                //Response.Write("User Successfully Created= " + strLoginName + "<br>");
                ErrorLogger.LogFeatureMessage("User Created", "User Successfully Created= " + strLoginName);
            }
            catch (Exception ex)
            {
                //Response.Write(ex.Message.ToString());
                ErrorLogger.LogFeatureError("Error Creating SharePoint User", ex);
            }
            finally
            {
                spWeb.AllowUnsafeUpdates = false;
                spWeb.Close();
                spSite.Close();
            }

            return spReturn;
        }
        #endregion

Server Error in '/adfs' Application

Ok , all of a sudden our SharePoint refused to render pages, I mean drop dead with this error.

 

We checked all the necessary culprits but no resolution. Our environment had just recently been Virtualized, which introduced a lot of unknowns into the equation.

After much digging around, come to fine out the time on our server were out of synch, go figure.
So, I hope this saves someone precious time out there.......:)