user2546389

Reputation: 31

Create AD-User in C#

I am trying to create a new AD-User with this code:

PrincipalContext ctx = new PrincipalContext(ContextType.Domain, "Domain", "ou=some_ou, dc=Mydomain");
UserPrincipal user = new UserPrincipal(ctx, account, passwd, true);
user.GivenName = Givenname;
user.Surname = Surname;
user.DisplayName = Displayname;
user.UserPrincipalName = account + "@Domain";                
user.Save();

The user is created without error. But I also have to set properties like Address etc., so the code continues with:

string distname = user.DistinguishedName;
DirectoryEntry duser = new DirectoryEntry(distname);
try
{
    duser.Properties["company"].Value = "Company";
}
catch (Exception e)
{
}

Now I am getting

Error: System.Exception._COMPlusExceptionCode -532459699

The string distname shows the correct distinguished name.

Upvotes: 3

Views: 3281

Answers (3)

Matt B-L

Reputation: 253

I see you are using credentials in the UserPrincipal.

Did you forget to use them when creating your DirectoryEntry? Also, you need to add "LDAP://" before your server name.

Try something like:

DirectoryEntry duser = new DirectoryEntry("LDAP://" + distname);
duser.Username = account;
duser.Password = passwd;
duser.AuthenticationType = AuthenticationTypes.Secure; 

Upvotes: 0

Sean Hall

Reputation: 7878

For DirectoryEntry, you have to specify the protocol (LDAP, GC, WinNT, ...). So you would have to do:

DirectoryEntry duser = new DirectoryEntry("LDAP://" + distname);

Note that the protocol is case-sensitive: LDAP has to be all caps.

Upvotes: 0

Scott Chamberlain

Reputation: 127603

I am not 100% sure what is causing your problem, but one thing that may make things easier on you and may clear up some errors due to you improperly using both DirectoryServices and DirectoryServices.AccountManagement at the same time is creating a new class that includes the company attribute.

It's actually not that hard to do.

[DirectoryObjectClass("user")]
[DirectoryRdnPrefix("CN")]
public class UserPrincipalEx : UserPrincipal
{
    public UserPrincipalEx(PrincipalContext context) : base(context) { }

    public UserPrincipalEx(PrincipalContext context, string samAccountName, string password, bool enabled)
        : base(context, samAccountName, password, enabled)
    {
    }

    [DirectoryProperty("company")]
    public string Company
    {
        get
        {
            if (ExtensionGet("company").Length != 1)
                return null;

            return (string)ExtensionGet("company")[0];

        }
        set { this.ExtensionSet("company", value); }
    }
}

You can then just modify your code to:

PrincipalContext ctx = new PrincipalContext(ContextType.Domain, "Domain", "ou=some_ou, dc=Mydomain");
UserPrincipalEx user = new UserPrincipalEx(ctx, account, passwd, true);
user.GivenName = Givenname;
user.Surname = Surname;
user.DisplayName = Displayname;
user.UserPrincipalName = account + "@Domain"; 
user.Company = "Company";
user.Save();

My hunch is you are having some kind of interaction with the two methods of interfacing with Active Directory; if you switch to a single interface, your problem may just go away.

Upvotes: 2
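
Added example, not part of any answer above and not the posters' code: one way to set an attribute such as company without opening a second DirectoryEntry is to reuse the entry the saved UserPrincipal is already bound to, through GetUnderlyingObject(), and to report failures instead of swallowing them in an empty catch. The class name, method name and parameters are assumptions made for illustration.

```csharp
using System;
using System.DirectoryServices;
using System.DirectoryServices.AccountManagement;
using System.Runtime.InteropServices;

public static class AdUserProvisioning
{
    // All parameters are caller-supplied placeholders (assumed for this example).
    public static void CreateUser(string domain, string container,
                                  string account, string password, string company)
    {
        using (var ctx = new PrincipalContext(ContextType.Domain, domain, container))
        using (var user = new UserPrincipal(ctx, account, password, true))
        {
            user.UserPrincipalName = account + "@" + domain;
            try
            {
                user.Save(); // the object must exist before its entry can be edited

                // Reuse the entry the principal is already bound to: same server and
                // bind identity, no hand-built "LDAP://" path, no second set of credentials.
                var entry = (DirectoryEntry)user.GetUnderlyingObject();
                entry.Properties["company"].Value = company;
                entry.CommitChanges(); // writes the cached change to the directory
            }
            catch (PrincipalException ex)
            {
                // Password policy, duplicate account, etc. Log the message, never the password.
                Console.Error.WriteLine("AccountManagement error for {0}: {1}", account, ex.Message);
                throw;
            }
            catch (COMException ex)
            {
                // DirectoryServicesCOMException derives from COMException; ErrorCode is the HRESULT.
                Console.Error.WriteLine("Directory error 0x{0:X8} for {1}: {2}",
                                        ex.ErrorCode, account, ex.Message);
                throw;
            }
        }
    }
}
```

The underlying entry is owned by the principal, so it is released when the UserPrincipal is disposed and is not disposed separately here.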
