Solved

Create nested OUs with C# issue, unable to create OU in tree root

Posted on 2010-08-30
Last Modified: 2013-12-17
I was playing around with this several hours last night but I can't seem to figure out why this is happening...

I'm working on a C# application that one of its tasks is to create the OU structure based on certain rules.  It works for the most part just as long as I create the first OU off the root of the AD structure.  If I try to have my application create the first OU off the structure then I get the error: "The server is unwilling to process the request".  Oh, I am using the master domain admin account to do this on my test server so rights shouldn't be an issue.

This is the function in question:

        // Requires: using System; using System.DirectoryServices;
        public static bool CreateOU(ref _stConfig stconfig, string szNewOUName, string szOUPath)
        {
            string szLDAPPath = string.Empty;
            // Console.WriteLine(szOUPath);
            // Build the ADsPath of the parent container: LDAP://<server>/<DN>
            szLDAPPath += "LDAP://" + stconfig.szDomainServer + "/" + szOUPath;

            try
            {
                DirectoryEntry de = new DirectoryEntry(szLDAPPath, "Administrator", "mypass", AuthenticationTypes.ServerBind);
                // Console.WriteLine(szLDAPPath + "-" + szNewOUName + "-");
                DirectoryEntries children = de.Children;
                // The new child's class is taken from the parent entry's schema class.
                DirectoryEntry newchild = children.Add(szNewOUName, de.SchemaClassName);
                //newchild.Properties["ou"].Add("Auditing Department");
                newchild.CommitChanges();
                newchild.Close();
                de.Close();
            }
            catch (SystemException e)
            {
                Console.WriteLine("Error: {0}", e.Message);
                return false; // report the failure to the caller
            }

            return true;
        }



The assembled path in the function looks something like this for the first OU:
"LDAP://myserver/DC=mydomain,DC=local"

I'm thinking that the above line could be the issue..  I'm wondering if that is the proper reference for the root of a tree in an AD domain structure...

If I create the first OU by hand in AD then run the application it works with a path that looks like this:
"LDAP://myserver/OU=Buildings,DC=mydomain,DC=local"
0
Question by:sej69
6 Comments
 
LVL 42

Expert Comment

by:sedgwick
ID: 33558022
You can't create OU in the middle of the structure if it's not under OU, that's why you get this error. Instead you can create a group if it meets your requirements but not OU.
0
 

Author Comment

by:sej69
ID: 33558108
I'm not sure I understand...  It's not in the "middle" of the structure; it's at the top...?

I'm working on the auto group creation next.  I already have the user creation working flawlessly for the created OUs.
0
 
LVL 42

Accepted Solution

by:
sedgwick earned 500 total points
ID: 33558290
the szLDAPPath should be initialized with the "LDAP://" prefix:

example: "LDAP://dc=soap,dc=com"

then to add OU under root follow this code:

string strPath = "LDAP://dc=soap,dc=com";
string strOU = "OU=NewOU";
string strDescription = "New OU"; // placeholder description

using (DirectoryEntry de = new DirectoryEntry(strPath))
{
    DirectoryEntry objOU = de.Children.Add(strOU, "OrganizationalUnit");
    objOU.Properties["description"].Add(strDescription);
    objOU.CommitChanges();
}
0
 
LVL 42

Expert Comment

by:sedgwick
ID: 33558299
replace strPath and strOU accordingly...

check http://msdn.microsoft.com/en-us/library/aa705902%28VS.85%29.aspx for a reference.
0
 

Author Comment

by:sej69
ID: 33559622
The issue above shows the path I'm using.  I am assigning LDAP://SERVER/DC=domain,DC=local

Again, it works ok if I have the base OU created.  I can then nest as many OUs under it as I want with the code listed above.

I used the link when I created the function to build the OUs.  However, the one difference is that they use o= , c= for referring to their AD.  But, as far as I can tell, that's LDAP and not AD.  AD doesn't have objects (o) or c (I'm not even sure what that would be referring to in LDAP...)
0
 

Author Closing Comment

by:sej69
ID: 34521369
Just doing code cleanup and this was on my list to fix.  I finally found the issue...

The line:

DirectoryEntry newchild = children.Add(szNewOUName, de.SchemaClassName);

needed to be:
DirectoryEntry newchild = children.Add(szNewOUName, "OrganizationalUnit");
0
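
The fix from the closing comment, written out as an added example that is not part of the original thread or any poster's code: `de.SchemaClassName` returns the parent's class, which is `domainDNS` at the domain root and `organizationalUnit` under an existing OU, so the child class is fixed here instead. The `OuHelper` class, `EscapeRdnValue`, and passing the bare OU name (without the `OU=` prefix) are assumptions of this sketch; it also binds as the calling process identity rather than embedding the administrator password in code.

```csharp
using System;
using System.DirectoryServices;
using System.Runtime.InteropServices;
using System.Text;

public static class OuHelper   // hypothetical helper, not from the thread
{
    // Escape a value for use inside an RDN: RFC 4514 special characters,
    // plus '/' which ADSI treats as a path separator in an ADsPath.
    public static string EscapeRdnValue(string value)
    {
        var sb = new StringBuilder();
        for (int i = 0; i < value.Length; i++)
        {
            char c = value[i];
            bool edge = (i == 0 && (c == ' ' || c == '#'))
                     || (i == value.Length - 1 && c == ' ');
            if (edge || ",+\"\\<>;=/".IndexOf(c) >= 0) sb.Append('\\');
            sb.Append(c);
        }
        return sb.ToString();
    }

    // parentPath: "LDAP://myserver/DC=mydomain,DC=local" (domain root) or
    //             "LDAP://myserver/OU=Buildings,DC=mydomain,DC=local".
    public static bool CreateOU(string parentPath, string ouName)
    {
        if (string.IsNullOrWhiteSpace(ouName)) return false;
        try
        {
            // Null user name/password: ADSI binds with the caller's own identity.
            var auth = AuthenticationTypes.Secure | AuthenticationTypes.Signing
                     | AuthenticationTypes.Sealing;
            using (var parent = new DirectoryEntry(parentPath, null, null, auth))
            using (var ou = parent.Children.Add("OU=" + EscapeRdnValue(ouName),
                                                "organizationalUnit"))
            {
                ou.CommitChanges();   // the object is created on the server here
            }
            return true;
        }
        catch (COMException e)   // DirectoryServicesCOMException derives from this
        {
            Console.Error.WriteLine("CreateOU failed under {0}: {1}", parentPath, e.Message);
            return false;
        }
    }
}
```

Run it under an account delegated the right to create OU objects in the target container; a full domain admin is not required for this operation.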
