Link to home
Start Free TrialLog in
Avatar of IU5
IU5Flag for United States of America

asked on

Remove Domain Users Group from User in AD via VB.Net

Group,
  Can someone help achieve this through VB.NET, I don't speak C#

  I am able to add a user in AD, add a second security group, set the new group as default, but then I cannot remove the old default group.  If I go thru AD interface the group will remove.  I have tried several versions of code that all generate errors.

  Any help appreciated.

Code -----------------------------------

Public Shared Sub RemoveDU(ByVal Login As String)

        Dim de As DirectoryEntry = GetDirectoryEntry()
        Dim deSearch As DirectorySearcher = New DirectorySearcher(de)
        deSearch.Filter = "(&(objectClass=user)(samaccountname=" & Login & "))"
        deSearch.SearchScope = SearchScope.Subtree
        Dim deSearchResult As SearchResult = deSearch.FindOne

        If Not deSearchResult Is Nothing Then
            Dim dey As DirectoryEntry = GetDirectoryEntry(deSearchResult.Path)

            Dim deDomainUsers As DirectoryEntry = New DirectoryEntry("LDAP://xxx.xxx.xxx.xxx/CN=Domain Users,CN=Users,DC=xxx,DC=org")

            'Remove the User from "Domain Users" group
            'deDomainUsers.Children.Remove(dey)   - tried this as well
            deDomainUsers.Properties("member").Remove(dey.Path)

            deDomainUsers.CommitChanges()  - fails here

            deDomainUsers.Close()
        End If
        deSearch.Dispose()
        de.Close()
    End Sub
ASKER CERTIFIED SOLUTION
Avatar of bchoor
bchoor
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of IU5
IU5
Flag of United States of America image

ASKER

Excellent Help Thanks