DirectoryServices PrincipalContext can add to first level container but not to child container

Question

Not sure what I am missing here. I've tried using DirectoryEntry and PrincipalContext and have the same problem both ways. The AD is structured like

root (okwu.edu)
    students
        AGS
        Traditional

I can add users to the student container with

PrincipalContext domainContext = new PrincipalContext(ContextType.Domain, "OKWU.EDU", "OU=Students,DC=okwu,DC=edu", systemAccount, systemAccountPassword);

UserPrincipal user = new UserPrincipal(domainContext, model.SamAccountName, model.Password, true);

but if I use the dn for AGS (or traditional)

 PrincipalContext domainContext = new PrincipalContext(ContextType.Domain, "OKWU.EDU", "OU=AGS,OU=Students,DC=OKWU,DC=edu", systemAccount, systemAccountPassword);    

Then I get an error that the object doesn't exist on the server. I have found stuff for the first level container but nothing to explain what I am missing when I try to go to the second level container.

Answer 1

I can think of three different possiblities.

Possibility 1:

Are you sure the DN is really OU=AGS,OU=Students,DC=OKWU,DC=edu?

OU may contain container. So, it's possible that your DN actually looks like this

CN=AGS,OU=Students,DC=OKWU,DC=edu

Get ADexplorer or ADSIedit. Check out their distinguishName first.

Possibility 2:

You have multiple domain controllers. One of the domain controller got OU=AGS,OU=Students,DC=OKWU,DC=edu created but not the others. This can be due to the incorrect setup of replication

Possibility 3:

Your SystemAccount doesn't have permissions to see OU=AGS,OU=Students,DC=OKWU,DC=edu. To prove that, you can try login as SystemAccount when using ADSIedit.

Answer 2

Certainly because you don't change your principal context to "OU=AGS,OU=Students,DC=okwu,DC=edu" :

PrincipalContext domainContext = new PrincipalContext(ContextType.Domain, "OKWU.EDU", "OU=AGS,OU=Students,DC=okwu,DC=edu", systemAccount, systemAccountPassword);