Problem creating new user - DirectoryEntry - LDAP

  • Question

  • User662754212 posted

     Hello,

    I am using DirectoryEntry to add a new user to the LDAP Active Directory, but I get the following error:
    "
    System.Runtime.InteropServices.COMException occurred
      Message="The requested operation did not satisfy one or more constraints associated with the class of the object. (Exception from HRESULT: 0x80072014)"
      Source="System.DirectoryServices"
      ErrorCode=-2147016684
      StackTrace:
           at System.DirectoryServices.DirectoryEntry.CommitChanges()

    "

      

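    // Create a sample account under the configured container, then add it to the "Public" group.
    // GetDirectoryEntry() returns null when the server rejects the bind (bad credentials or an
    // unknown/invalid DN), so the result is checked before use instead of failing later with a
    // NullReferenceException. Each DirectoryEntry wraps a native ADSI object and is disposed.
    using (DirectoryEntry AD = GetDirectoryEntry())
    {
        if (AD == null)
        {
            throw new System.InvalidOperationException("Could not bind to the LDAP directory.");
        }

        DirectoryEntries entries = AD.Children;

        // The second argument of Add() is the schema class of the object being created.
        // NOTE(review): HRESULT 0x80072014 at CommitChanges() is an object-class violation reported
        // by the server. "member" looks like an attribute name rather than a structural class;
        // confirm which class this directory's schema uses for user objects and which attributes
        // that class makes mandatory.
        using (DirectoryEntry newUser = entries.Add("CN=sample", "member"))
        {
            // Poster's note on this line: System.Runtime.InteropServices.COMException:
            // There is a naming violation. (Exception from HRESULT: 0x80072037)
            newUser.Properties["givenName"].Add("Amigo");

            newUser.CommitChanges();

            // NOTE(review): Find() is documented to throw when nothing matches, so the null test
            // below is kept only as a defensive check - confirm how a missing group should be handled.
            using (DirectoryEntry grp = AD.Children.Find("Public", "group"))
            {
                if (grp != null)
                {
                    grp.Invoke("Add", new object[] { newUser.Path.ToString() });
                }
            }
        }
    }
    Response.Write("Account Created Successfully");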
    ///////////////////////////// GetDirectoryEntry() ///////////////////////////////////
    
    /// <summary>
    /// Opens the directory without naming a user or a password, leaving the
    /// two-argument overload to choose the path and the bind account.
    /// </summary>
    /// <returns>Whatever the two-argument overload returns for (null, null).</returns>
    private DirectoryEntry GetDirectoryEntry()
    {
        string noUser = null;
        string noPassword = null;
        return GetDirectoryEntry(noUser, noPassword);
    }
    /// <summary>
    /// Opens the entry for <paramref name="username"/> without supplying that user's password;
    /// the two-argument overload is called with a null password.
    /// </summary>
    /// <param name="username">cn of the user entry to open.</param>
    /// <returns>Whatever the two-argument overload returns for (username, null).</returns>
    internal DirectoryEntry GetDirectoryEntry(string username)
    {
        string noPassword = null;
        DirectoryEntry entry = GetDirectoryEntry(username, noPassword);
        return entry;
    }
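    /// <summary>
    /// Binds to the LDAP server and returns the bound entry.
    /// </summary>
    /// <param name="username">
    /// cn of the user entry to open. Null or empty opens the organizational unit itself.
    /// The value is escaped before it is placed in the distinguished name, so pass the raw name.
    /// </param>
    /// <param name="password">
    /// When non-empty (and <paramref name="username"/> is given) the bind is made as that user.
    /// When null or empty the bind is made with the admin account instead.
    /// </param>
    /// <returns>
    /// The bound entry, or null when the server answers with one of the three
    /// "bad user name or password" codes checked in the catch block.
    /// </returns>
    /// <exception cref="ConfigurationErrorsException">Any other COM error raised by the bind.</exception>
    /// <remarks>
    /// Callers that use this method to verify a login must reject an empty password themselves:
    /// with an empty password the admin credentials are used and a non-null entry is returned.
    /// </remarks>
    internal DirectoryEntry GetDirectoryEntry(string username, string password)
    {
        // NOTE(review): the connection settings and the admin password are literals ("x" placeholders
        // in the post). In real code load them from protected configuration or a secret store so the
        // credential never lands in source control.
        string adminUserName = "x";
        string organizationUnit = "Members";
        string rootName = "x";
        string adminPassword = "x";
        string hostName = "server";
        string port = "2546";

        DirectoryEntry entry = null;

        // Default: bind as the admin account.
        string accessUsername = String.Format("cn={0},ou={1},o={2}", adminUserName, organizationUnit, rootName);
        string accessPassword = adminPassword;
        string path;

        if (String.IsNullOrEmpty(username))
        {
            path = String.Format("LDAP://{0}:{1}/ou={2},o={3}", hostName, port, organizationUnit, rootName);
        }
        else
        {
            // The caller-supplied name becomes part of a DN; escape it so characters such as ',' or '='
            // cannot add or change DN components.
            string safeUsername = EscapeDnValue(username);
            path = String.Format("LDAP://{0}:{1}/cn={2},ou={3},o={4}", hostName, port, safeUsername, organizationUnit, rootName);

            if (!String.IsNullOrEmpty(password))
            {
                accessUsername = String.Format("cn={0},ou={1},o={2}", safeUsername, organizationUnit, rootName);
                accessPassword = password;
            }
        }

        try
        {
            // ServerBind | None is a simple bind: the DN and password are sent as given, so they are
            // only protected if the connection itself is encrypted.
            // NOTE(review): if the server offers LDAPS, use that port together with
            // AuthenticationTypes.SecureSocketsLayer - confirm against the server configuration.
            entry = new DirectoryEntry(path, accessUsername, accessPassword, AuthenticationTypes.ServerBind | AuthenticationTypes.None);

            // DirectoryEntry binds lazily; reading a property forces the bind so failures surface here.
            string dummy = entry.Name;
        }
        catch (System.Runtime.InteropServices.COMException comEx)
        {
            // The failed entry is not handed to the caller, so release it here.
            if (entry != null)
            {
                entry.Dispose();
            }

            // -2147023570 (0x8007052E): user exists, bad password
            // -2147016656 (0x80072030): user name does not exist
            // -2147016654 (0x80072032): invalid user name
            if (comEx.ErrorCode == -2147023570 || comEx.ErrorCode == -2147016656 || comEx.ErrorCode == -2147016654)
            {
                return null;
            }

            // Keep the original exception as InnerException so the HRESULT and stack trace survive.
            throw new ConfigurationErrorsException("LDAP error: " + comEx.Message, comEx);
        }

        // The original caught DirectoryException only to throw a new one with the same message,
        // which discarded the stack trace; letting it propagate keeps the type and the trace.
        return entry;
    }

    /// <summary>
    /// Escapes a single attribute value for use inside a distinguished name in an ADsPath.
    /// </summary>
    private static string EscapeDnValue(string value)
    {
        System.Text.StringBuilder escaped = new System.Text.StringBuilder(value.Length + 8);
        for (int i = 0; i < value.Length; i++)
        {
            char c = value[i];
            bool edgeSpace = c == ' ' && (i == 0 || i == value.Length - 1);
            bool leadingHash = c == '#' && i == 0;

            if (edgeSpace || leadingHash || @"\,+""<>;=/".IndexOf(c) >= 0)
            {
                // DN special characters, plus '/' which separates components of the ADsPath.
                escaped.Append('\\').Append(c);
            }
            else if (c < ' ')
            {
                // Control characters are written as a backslash followed by two hex digits.
                escaped.Append('\\').Append(((int)c).ToString("X2"));
            }
            else
            {
                escaped.Append(c);
            }
        }
        return escaped.ToString();
    }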
    The error occurs on the line where I try to commit the changes. I have
    searched the net for many hours for a solution but I haven't found anything. I
    would really appreciate it if you could help me as soon as possible.

    Thank you in advance,
    Xenia 
      
     
    Thursday, June 28, 2007 9:49 AM

All replies

  • User-713571772 posted

    I'm also facing the same problem.

    If you have found a solution, kindly tell me.

    From what I have checked, the problem arises in

    DirectoryEntry newUser = entries.Add("CN=sample", "member");

    Any little help will be appreciated

    Thanks in advance

    Regards
    Sohaib Qazi
    Friday, August 21, 2009 7:43 AM
  • User-2009597737 posted

    To start with, the DirectoryEntry function looks complex, at least to me! The access user name should not be the cn. You can just pass 'x' together with the LDAP path where you are creating the new user. If the goal is to create a user account, I would simply create a directory entry with the access user and add the account, something like:

                 // Outline of creating a user under an existing container with DirectoryEntry.
                 // As posted this is a sketch: x, y, path and the name variables stand for values
                 // the caller supplies, and some statements are left unfinished.
                 DirectoryEntry de = new DirectoryEntry();
                    // Account used for the write. Take these from protected configuration rather than
                    // literals in source, and grant the account only the rights it needs to create
                    // users in the target container.
                    de.Username = x    
                    de.Password =y
                    de.Path =  path; // Set active LDAP path: LDAP://ADdomain/OU=...DC=... where you are creating a new user
                    
                    // Secure requests a negotiated bind instead of a simple bind that sends the password as given.
                    // NOTE(review): the question's path uses o=/ou= naming on a custom port, so the target
                    // may not be Active Directory - confirm the server supports this bind type.
                    de.AuthenticationType=AuthenticationTypes.Secure;


                    DirectoryEntries users = de.Children;
                    
                    try
                    {
                        // Add user account
                        // The name parts are concatenated into the RDN unescaped. If they can contain DN
                        // special characters (, + " \ < > ; =) escape them first, otherwise the object
                        // can be created under a different name than intended.
                        string u = "CN=" +forst_name  + " " + last_name ;
                        // "user" is the schema class of the new object (the question used "member").
                        DirectoryEntry user = users.Add(u , "user");
                    
                        // set properties
                        user.Properties["samAccountName"].Value=username;                    
                        user.Properties["Name"].Value= // usually 1st name

                       // set any other properties like last name/description etc


                        // Writes the new object to the server; the password and enable steps below
                        // come after this call in the outline.
                        user.CommitChanges();

                        //set password
                        //Call a function or code block to set the new user's password
                        // NOTE(review): do this over an encrypted connection, and set the password before
                        // enabling the account so it is never enabled without one.
                         
                        //enable account
                        //Call a function or code block to explicitly enable the account. I have had cases where account had to be enabled for access.
                    }
                    // NOTE(review): as written this discards every failure, including the COMException the
                    // question is about. Log the exception and rethrow or report the failure, otherwise
                    // the caller cannot tell whether the account was created.
                    catch (Exception e)
                    {
                    
                        // any error
                    }


    Friday, August 21, 2009 12:05 PM