我找到了解决方案：

首先：IIS身份验证应该是Windows身份验证

第二：域用户应该是以这种格式插入web.config：

I found the solution:
First : IIS authentication should be Windows Authentication
Second : a Domain user should be inserted in web.config in this format :

<configuration><appsettings>
   <add key="LDAPsvcAcct" value="domain\username" />
   <add key="LDAPsvcPass" value="user_password" />
    </appsettings></configuration>

第三：那么你可以使用这段代码：

Third : then you can use this code:

Dim Username As String = ""
       Dim identityName = User.Identity.Name


       Using HostingEnvironment.Impersonate()
           Using context = New PrincipalContext(ContextType.Domain, "Domain.com", Nothing, ContextOptions.Negotiate Or ContextOptions.SecureSocketLayer)
               Using userPrincipal__1 = UserPrincipal.FindByIdentity(context, IdentityType.SamAccountName, identityName)
                   EmpID = userPrincipal__1.EmployeeId
                   Session("EmpID") = userPrincipal__1.EmployeeId 'To Read attributes
                   Username = userPrincipal__1.DisplayName
               End Using
           End Using
       End Using