
Create AD-User in C#

I am trying to create a new AD-User with this code:

PrincipalContext ctx = new PrincipalContext(ContextType.Domain, "Domain", "ou=some_ou, dc=Mydomain");
UserPrincipal user = new UserPrincipal(ctx, account, passwd, true);
user.GivenName = Givenname;
user.Surname = Surname;
user.DisplayName = Displayname;
user.UserPrincipalName = account + "@Domain";                
user.Save();

The User is created without error. But I also have to set properties like Address etc, so the code continues with:

string distname = user.DistinguishedName;
DirectoryEntry duser = new DirectoryEntry(distname);
try
{
    duser.Properties["company"].Value = "Company";
}
catch (Exception e)
{
}

Now I am getting

Error: System.Exception._COMPlusExceptionCode -532459699

The string distname shows the correct distinguished name.

I am not 100% sure what is causing your problem, but one thing that may make things easier on you, and may clear up some errors due to you improperly using both DirectoryServices and DirectoryServices.AccountManagement at the same time, is creating a new class that includes the company attribute.

It's actually not that hard to do.

[DirectoryObjectClass("user")]
[DirectoryRdnPrefix("CN")]
public class UserPrincipalEx : UserPrincipal
{
    public UserPrincipalEx(PrincipalContext context) : base(context) { }

    public UserPrincipalEx(PrincipalContext context, string samAccountName, string password, bool enabled)
        : base(context, samAccountName, password, enabled)
    {
    }

    [DirectoryProperty("company")]
    public string Company
    {
        get
        {
            if (ExtensionGet("company").Length != 1)
                return null;

            return (string)ExtensionGet("company")[0];

        }
        set { this.ExtensionSet("company", value); }
    }
}

You can then just modify your code to

PrincipalContext ctx = new PrincipalContext(ContextType.Domain, "Domain", "ou=some_ou, dc=Mydomain");
UserPrincipalEx user = new UserPrincipalEx(ctx, account, passwd, true);
user.GivenName = Givenname;
user.Surname = Surname;
user.DisplayName = Displayname;
user.UserPrincipalName = account + "@Domain"; 
user.Company = "Company";
user.Save();

My hunch is you are having some kind of interaction with the two methods of interfacing with Active Directory; if you switch to a single interface, your problem may just go away.

For DirectoryEntry, you have to specify the protocol (LDAP, GC, WinNT, ...). So you would have to do:

DirectoryEntry duser = new DirectoryEntry("LDAP://" + distname);

Note that the protocol is case sensitive; LDAP has to be all caps.

I see you are using credentials in the UserPrincipal.

Did you forget to use them when creating your DirectoryEntry? Also, you need to add "LDAP://" before your server name.

Try something like :

DirectoryEntry duser = new DirectoryEntry("LDAP://" + distname);
duser.Username = account;
duser.Password = passwd;
duser.AuthenticationType = AuthenticationTypes.Secure; 
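
The DirectoryEntry points raised in the answers above (provider prefix, explicit credentials, secure bind), combined into one helper as an added example that is not code from any of the posters. The names `AdUserAttributes`, `SetAttribute`, `adminUser` and `adminPassword` are hypothetical; the helper also goes slightly beyond the answers by committing the change, escaping `/` in the DN, and surfacing the error instead of swallowing it.

```csharp
using System;
using System.DirectoryServices;
using System.DirectoryServices.AccountManagement;
using System.Runtime.InteropServices;

static class AdUserAttributes
{
    // Hypothetical helper: writes one attribute on an already-saved user.
    // adminUser/adminPassword are assumed to belong to an account that is
    // allowed to modify the target OU; they are not names from the page.
    public static void SetAttribute(UserPrincipal user, string attribute, string value,
                                    string adminUser, string adminPassword)
    {
        // DirectoryEntry needs a provider prefix; a bare DN is not a valid ADsPath.
        // A '/' inside the DN must be escaped because ADSI treats it as a separator.
        string path = "LDAP://" + user.DistinguishedName.Replace("/", "\\/");

        using (var entry = new DirectoryEntry(path, adminUser, adminPassword,
                                              AuthenticationTypes.Secure))
        {
            try
            {
                entry.Properties[attribute].Value = value;
                entry.CommitChanges();   // without this the change stays in the local cache
            }
            catch (DirectoryServicesCOMException ex)
            {
                // Directory-side failure (access denied, constraint violation, ...).
                throw new InvalidOperationException(
                    $"Setting '{attribute}' failed: {ex.ExtendedErrorMessage}", ex);
            }
            catch (COMException ex)
            {
                // ADSI/bind failure; ErrorCode is the HRESULT to look up.
                throw new InvalidOperationException(
                    $"ADSI error 0x{ex.ErrorCode:X8} binding to {path}", ex);
            }
        }
    }
}
```

Called after `user.Save()`, for example `AdUserAttributes.SetAttribute(user, "company", "Company", adminUser, adminPassword);`.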
