CODEWITHSUNDEEP
.netvb.netactive-directory
chicken
chicken

Reputation: 1640

Add users to a Security Group in active directory

Using any .NET framework

I am able to create security groups, however when I try to add users from within the same domain I get an error.

Using System.DirectoryServices.AccountManagement:

TheGroup = GroupPrincipal.FindByIdentity(SecurityContext, "GROUPNAME")
TheGroup.Members.Add(SecurityContext, IdentityType.SamAccountName, "username")
TheGroup.Save()

Everything works for creating, and getting an existing group. Also adding the members works but when I try to save the changes made to the group I get this error:

Information about the domain could not be retrieved (1355).

Now doing it without using DirectoryServices.AccountManagement:

Dim dGroup As DirectoryEntry = GetDirectoryEntry(GroupPath, UserName, Password)
dGroup.Properties("member").Add(nUser.Path)
dGroup.CommitChanges()
dGroup.Close()

Again creating/deleting groups this way is working fine, however when I try to add a member that DOES exist to the a created group I get this error:

The server is unwilling to process the request. (Exception from HRESULT: 0x80072035)

Going onto the server running AD itself and I can add groups and place users in them. I am using the same credentials.

Upvotes: 2

Views: 10385

Answers (2)

chicken
chicken

Reputation: 1640

Sigh, i fixed my problem.

I was working on this on my prod workstation connecting to the 1 of our dev AD servers. I than decided to run the project from my dev workstation and everything worked fine.

Upvotes: 1

Jakob Christensen
Jakob Christensen

Reputation: 14956

Just a guess: You may get this error because the user you are trying to add to the security group does not have a password that follows your password policy for the domain.

Upvotes: 2

Related Questions