Create nested OUs with C# issue, unable to create OU in tree root

I was playing around with this several hours last night but I can't seem to figure out why this is happening...

I'm working on a C# application that one of it's tasks is to create the OU structure based on certain rules.  It works for the most part just as long as I create the first OU off the root of the AD structure.  If I try to have my application create the first OU off the structure then I get the error: "The server is unwilling to process the request".  Oh, I am usign the master domain admin account to do this on my test server so rights shouldn't be an issue.

This is the function in question:

        public static bool CreateOU(ref _stConfig stconfig, string szNewOUName, string szOUPath)
            string szLDAPPath = string.Empty;
//            Console.WriteLine(szOUPath);
            szLDAPPath += "LDAP://" + stconfig.szDomainServer + "/" + szOUPath;

                DirectoryEntry de = new DirectoryEntry(szLDAPPath, "Administrator", "mypass", AuthenticationTypes.ServerBind);
//                Console.WriteLine(szLDAPPath + "-" + szNewOUName + "-");
                DirectoryEntries children = de.Children;
                DirectoryEntry newchild = children.Add(szNewOUName, de.SchemaClassName);
                //newchild.Properties["ou"].Add("Auditing Department");
            catch (SystemException e)
                Console.WriteLine("Error: {0}", e.Message);

            return true;

Open in new window

The assembled path in the function looks something like this for the first OU:

I'm thinking that the above line could be the issue..  I'm wondering if that is the proper reference for the root of a tree in an AD domain structure...

if I create the first OU by hand in AD then run the application it works with a path that looks like this:
Who is Participating?
Meir RivkinConnect With a Mentor Full stack Software EngineerCommented:
the szLDAPPath should be initialized with the "LDAP://" prefix:

example: "LDAP://dc=soap,dc=com"

then to add OU under root follow this code:

strPath = "LDAP://dc=soap,dc=com";
strOU = "OU=NewOU";

using(DirectoryEntry de = new DirectoryEntry(strPath)){
DirectoryEntry objOU = de.Children.Add(strOU,
Meir RivkinFull stack Software EngineerCommented:
you can't create OU in the middle of the structure if it's not under OU, that's why you get this error.instead you can create a group if it meets your requirements but not OU.
sej69Author Commented:
I'm not sure I understand...  It's not in the "middle" of the structure; it's at the top...?

I'm working on the auto group creation next.  I already have the user creation working flawlessly for the created OUs.
Never miss a deadline with

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

Meir RivkinFull stack Software EngineerCommented:
replace strPath and strOU accordingly...

check for a reference.
sej69Author Commented:
The issue above shows the path I'm using.  I am assigning LDAP://SERVER/DC=domain,DC=local

Again, it works ok if I have the base OU created.  I can then nest as may OUs under it as I want with the code listed above.

I used the link when I created the function to build the OUs.  However, the one difference is that they use o= , c= for referring to their AD.  But, as far as I can tell, that's LDAP and not AD.  AD doesn't have objects (o) or c (I'm not even sure what that would be referring to in LDAP...)
sej69Author Commented:
Just doing code cleanup and this was on my list to fix.  I finally found the issue...

The line:

DirectoryEntry newchild = children.Add(szNewOUName, de.SchemaClassName);

needed to be:
DirectoryEntry newchild = children.Add(szNewOUName, "OrganizationalUnit");
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.