Solved

Port this VB-code to C#: set usr = getobject("winnt://" + domainName + "/" + samAccountName); usr.dialinprivilege = true;

Posted on 2004-08-11
11
1,658 Views
Last Modified: 2008-02-26
Short question:
I need to port this VB-code to C#:

set usr = getobject("winnt://" + domainName + "/" + samAccountName);
usr.dialinprivilege = true;

The reason for needing to to this is found here:
http://support.microsoft.com/?kbid=252398
0
Comment
Question by:pcpaasche
  • 4
  • 2
11 Comments
 
LVL 22

Accepted Solution

by:
Mohammed Nasman earned 250 total points
ID: 11771399
try

Object obj = System.Runtime.InteropServices.Marshal.GetActiveObject("winnt://domainname/username")
0
 
LVL 3

Expert Comment

by:sohilm
ID: 11777405
are you trying this on an nt4 domain or windows 2000 domain?

0
 

Author Comment

by:pcpaasche
ID: 11778378
I'm trying to this on a Windows 2003 domain.

I am also trying to run the code below which is a VB-script (.vbs-file). The tree first lines works fine, while line 4 makes the script throw an errormessage with the text: "This function is not supported on this system". In other words, I'm able to set the password but the attribute 'dialinprivilege'  does not seem to be available.

dim objUser
Set objUser = GetObject ("WinNT://VGS/perpaasc2")
objUser.SetPassword "perper"
objUser.dialinprivilege = TRUE
0
Active Directory Webinar

We all know we need to protect and secure our privileges, but where to start? Join Experts Exchange and ManageEngine on Tuesday, April 11, 2017 10:00 AM PDT to learn how to track and secure privileged users in Active Directory.

 
LVL 3

Assisted Solution

by:sohilm
sohilm earned 250 total points
ID: 11778481
ok. Then try this. Change DomainName to the domain you want and username to the username you want. Make sure your domain name is your active directory domain name. EX: microsoft.com
Have fun.

                  string DomainName = "microsoft.com"; //Change this to correct domain name
        string UserName = "bgates"; //change this to correct user.
        string[] props = {};
        System.DirectoryServices.DirectoryEntry DE = new System.DirectoryServices.DirectoryEntry("LDAP://" + DomainName);
        System.DirectoryServices.DirectorySearcher DS = new System.DirectoryServices.DirectorySearcher(DE,"(&(objectClass=user)(sAMAccountName=" + UserName + "))",props,System.DirectoryServices.SearchScope.Subtree);
        foreach(System.DirectoryServices.SearchResult sr in DS.FindAll())
        {
            System.DirectoryServices.DirectoryEntry user = sr.GetDirectoryEntry();
            user.Properties["msNPAllowDialin"].Value = true;
            user.CommitChanges();
        }
0
 

Author Comment

by:pcpaasche
ID: 11780874
Setting "msNPAllowDialin" through LDAP causes the need to also set the "dialinprivilege". Take a look at the text in this link to see why:
http://support.microsoft.com/?kbid=252398

"dialinprivilege" is only available through WinNt and not through LDAP. I haven't seen any way to write this code using c#, but setting "dialinprivilege" through a VBS-script will work fine for me. Any ideas?
0
 

Author Comment

by:pcpaasche
ID: 12042148
After having done a lot of research on this case, including thourogh investigations by Microsoft support, I have concluded that the problem is not possible to solve. However using a work around that sets the "Allow dialin" property on all the users through a GUI tool solves the problem for us for now.

Thanks for your efforts anyway.
0
 

Author Comment

by:pcpaasche
ID: 12245896
I am afraid that noone was able to answer my question correctly. Maybe not so strange all the way that there is probably no solution to the question. For the record it would be wrong to accept any of the answers, but the contributors should be awarded for their efforts. I suggest giving sohilm 400 points and mnasman 100 point. How do I do that (or will TheLearnedOne do it for me)?
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In order to hide the "ugly" records selectors (triangles) in the rowheaders, here are some suggestions. Microsoft doesn't have a direct method/property to do it. You can only hide the rowheader column. First solution, the easy way The first sol…
Exception Handling is in the core of any application that is able to dignify its name. In this article, I'll guide you through the process of writing a DRY (Don't Repeat Yourself) Exception Handling mechanism, using Aspect Oriented Programming.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question