wookiee

Reputation: 110

Adding NETWORK SERVICE as new user to AD LDS instance administrator member

I am trying to add the Network Service as a member of the Administrator group of my AD LDS instance, but I always get a "constraint violation occurred" error. However, if I add the Network Service manually from ADSI and then delete it, a strange thing happens: my code starts to work fine.

My question: is there any constraint that you have to follow the first time you add a new user to your group?

My code:

    Using lEntry As New DirectoryEntry(mLDAPAddress & "CN=Administrators,CN=Roles" & "," & mLDAPInstance)
        Try
            Dim lMembers = lEntry.Properties("member")
            lMembers.Add("CN=SccAdmin,CN=SccAdmins" & "," & mLDAPInstance)
            'The above works fine, the below not so
            lMembers.Add("CN=S-1-5-20,CN=ForeignSecurityPrincipals" & "," & mLDAPInstance)
            lEntry.CommitChanges()
            Return True
        Catch ex As System.Runtime.InteropServices.COMException
            aError = ex.Message
        End Try
    End Using

Upvotes: -1

Views: 273

Answers (1)

Brian Desmond

Reputation: 4503

The foreign security principal is getting created when you add it with ADSI Edit in the background. Try adding "NT AUTHORITY\NETWORK SERVICE" in your code in lieu of the DN of the FSP as you're doing now.

Upvotes: 0
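An added example, not part of the question or the answer above: one way to reference the account by name instead of by the DN of a foreign security principal that may not exist yet. It resolves the name to its SID and adds the member in the `<SID=...>` DN form, on the assumption that the instance then creates the FSP object itself; `AddWindowsPrincipal` and its parameters are hypothetical names.

```vbnet
Imports System.DirectoryServices
Imports System.Runtime.InteropServices
Imports System.Security.Principal

Module LdsRoleMembership

    ' Hypothetical helper, not code from the question or the answer.
    ' aGroupPath:   ADsPath of the role group, built as in the question from
    '               mLDAPAddress, "CN=Administrators,CN=Roles" and mLDAPInstance.
    ' aAccountName: Windows account name, e.g. "NT AUTHORITY\NETWORK SERVICE".
    Function AddWindowsPrincipal(aGroupPath As String,
                                 aAccountName As String,
                                 ByRef aError As String) As Boolean
        Try
            ' Resolve the name locally; NETWORK SERVICE maps to S-1-5-20.
            Dim lSid = DirectCast(
                New NTAccount(aAccountName).Translate(GetType(SecurityIdentifier)),
                SecurityIdentifier)

            Using lEntry As New DirectoryEntry(aGroupPath)
                Dim lMembers = lEntry.Properties("member")

                ' An existing membership is stored as the DN of the FSP object,
                ' whose RDN is the SID string (CN=S-1-5-20,CN=ForeignSecurityPrincipals,...).
                Dim lFspRdn = "CN=" & lSid.Value & ","
                For Each lMember As Object In lMembers
                    If lMember.ToString().StartsWith(lFspRdn, StringComparison.OrdinalIgnoreCase) Then
                        Return True ' already a member, nothing to write
                    End If
                Next

                ' Assumption: the SID-form DN is accepted for "member" and the
                ' directory creates the FSP object as part of this write.
                lMembers.Add("<SID=" & lSid.Value & ">")
                lEntry.CommitChanges()
                Return True
            End Using
        Catch ex As IdentityNotMappedException
            aError = "Cannot resolve account name: " & ex.Message
        Catch ex As COMException
            aError = ex.Message
        End Try
        Return False
    End Function

End Module
```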
