Help !!! - (Exception from HRESULT: 0x80072035) error RRS feed

  • Question

  • User-1494647696 posted

    The code listed below works fine in my domain environment at home but when i tried to run it to our domain at work it gives a  The server is unwilling to process the request. (Exception from HRESULT: 0x80072035) error, it runs fine if i put a comment on the ADS_USER_FLAG line.

    am i having problems with the ActiveDs Tyle Library ?

    using System.DirectoryServices;

    using ActiveDs;

    ldapPath = "LDAP://myserver/dc=dev,dc=com";

    DirectoryEntry ouEntry = new DirectoryEntry(ldapPath);

    DirectoryEntry ou = ouEntry.Children.Find("OU=MYOU");

    DirectoryEntry newUser = ou.Children.Add("CN=Test User", "User");


    newUser.Properties["userAccountControl"].Add(ADS_USER_FLAG.ADS_UF_NORMAL_ACCOUNT);  <==== (Code works fine if i put a comment on this line.)


    Stack Trace:

    [DirectoryServicesCOMException (0x80072035): The server is unwilling to process the request. (Exception from HRESULT: 0x80072035)]
       System.DirectoryServices.DirectoryEntry.CommitChanges() +71
       System.DirectoryServices.DirectoryEntry.CommitChanges() +0
       _Default.testCreate() in c:\Inetpub\wwwroot\ADTool\Default.aspx.cs:68
       _Default.Page_Load(Object sender, EventArgs e) in c:\Inetpub\wwwroot\ADTool\Default.aspx.cs:19
       System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +15
       System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender, EventArgs e) +36
       System.Web.UI.Control.OnLoad(EventArgs e) +102
       System.Web.UI.Control.LoadRecursive() +47
       System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +1064

    Thursday, December 1, 2005 4:58 AM

All replies

  • User1354132231 posted
    The 'userAccountControl' is a single-value attribute that by default is populated.  When you .Add() to it, it tries to add another value as if it was a multi-valued attribute.  This will of course violate the schema and produce the error you see.

    Instead, you should replace the value using the .Value property ala:

    int flags = (int)user.Properties["userAccountControl"].Value;
    user.Properties["userAccountControl"].Value = flags | UF_NORMAL_ACCOUNT;

    This way you are actually preserving any values that previously existed as well.

    Thursday, December 1, 2005 10:33 AM
  • User-1494647696 posted

    thanks for replying.

    i tries using the code

    int flags = (int)user.Properties["userAccountControl"].Value;
    user.Properties["userAccountControl"].Value = flags | UF_NORMAL_ACCOUNT;

    and it gives me this error.

     The name 'ADS_UF_NORMAL_ACCOUNT' does not exist in the class or namespace

    Thursday, December 1, 2005 2:11 PM
  • User1354132231 posted
    Sounds like you have not referenced either the constant or the interop assembly in your code.  If you are using ActiveDs interop, you need to add the imports or using statement appropriately.  This is not really related to anything with LDAP.  This is just a compiler issue.

    You have to reference the location of where that constant is defined.

    Thursday, December 1, 2005 2:15 PM
  • User-1494647696 posted
    I have added the reference in the solution explorer before and made sure they are called on top of the code;

    using ActiveDs;
    using System.DirectoryServices;

    but it still giving me the same error.

    The name 'ADS_UF_NORMAL_ACCOUNT' does not exist in the class or namespace

    the namespace error will disappear if i use  ADS_USER_FLAG.ADS_UF_NORMAL_ACCOUNT

    and if i try it this way.

    int flags = (int)user.Properties["userAccountControl"].Value;
    user.Properties["userAccountControl"].Value = flags | ADS_USER_FLAG.ADS_UF_NORMAL_ACCOUNT;

    this is the error that i get.

    Operator '|' cannot be applied to operands of type 'int' and 'ActiveDs.ADS_USER_FLAG'

    Thursday, December 1, 2005 2:48 PM
  • User1354132231 posted
    Explicitly cast the flag first to an int:

    Thursday, December 1, 2005 2:50 PM
  • User-1494647696 posted
    Tried doing the cast and it gives me this error.

    Object reference not set to an instance of an object.
    Thursday, December 1, 2005 3:03 PM
  • User-1494647696 posted

    when i use a different flag

    usr.Properties["userAccountControl"].Value = ADS_USER_FLAG.ADS_UF_ACCOUNTDISABLE;

    it works fine but when i tried to use the normal account.

    usr.Properties["userAccountControl"].Value = ADS_USER_FLAG.ADS_UF_NORMAL_ACCOUNT;

    it gives a  Exception from HRESULT: 0x80072035 error.

    would this be a problem in our domain that its not allowing me to set normal account and not on the code itself ?

    thanks again.

    Thursday, December 1, 2005 3:25 PM
  • User1354132231 posted
    This is a bitmask field, you need to set the bitmask using bitwise AND, OR, and NOT operations.  You cannot just set a value here.  Do not try to do this.  Always take the value proffered and calculate the correct value using bit masking.
    Monday, December 5, 2005 10:28 AM
  • User624540971 posted

    We encountered this problem in a High Availability AD environment (Primary Secondary) which had worked for several months. After confirming that no changes had been made, we focused on looking at the AD servers themselves and found that there was a replication issue. In fact the problem would only appear when LDAP communications occured with the problem DS Server that was not getting replication correctly.

    When forcing the script to use the primary server, it worked, and failed when pointing to the server not getting replicated correctly.

    After addressing the replication issue, the problem went away.

    All the issues I have read on google do indicate a problem commiting changes specifically with SetPassword. This could be the case when replication is interefering with these fields.

    Friday, January 10, 2014 3:41 PM