Solved

Create nested OUs with C# issue, unable to create OU in tree root

Posted on 2010-08-30
6
883 Views
Last Modified: 2013-12-17
I was playing around with this several hours last night but I can't seem to figure out why this is happening...

I'm working on a C# application that one of it's tasks is to create the OU structure based on certain rules.  It works for the most part just as long as I create the first OU off the root of the AD structure.  If I try to have my application create the first OU off the structure then I get the error: "The server is unwilling to process the request".  Oh, I am usign the master domain admin account to do this on my test server so rights shouldn't be an issue.

This is the function in question:

        public static bool CreateOU(ref _stConfig stconfig, string szNewOUName, string szOUPath)
        {
            string szLDAPPath = string.Empty;
//            Console.WriteLine(szOUPath);
            szLDAPPath += "LDAP://" + stconfig.szDomainServer + "/" + szOUPath;

            try
            {
                DirectoryEntry de = new DirectoryEntry(szLDAPPath, "Administrator", "mypass", AuthenticationTypes.ServerBind);
//                Console.WriteLine(szLDAPPath + "-" + szNewOUName + "-");
                DirectoryEntries children = de.Children;
                DirectoryEntry newchild = children.Add(szNewOUName, de.SchemaClassName);
                //newchild.Properties["ou"].Add("Auditing Department");
                newchild.CommitChanges();
                newchild.Close();
                de.Close();
            }
            catch (SystemException e)
            {
                Console.WriteLine("Error: {0}", e.Message);
            }


            return true;
        }

Open in new window


The assembled path in the function looks something like this for the first OU:
"LDAP://myserver/DC=mydomain,DC=local"

I'm thinking that the above line could be the issue..  I'm wondering if that is the proper reference for the root of a tree in an AD domain structure...

if I create the first OU by hand in AD then run the application it works with a path that looks like this:
"LDAP://myserver/OU=Buildings,DC=mydomain,DC=local"
0
Comment
Question by:sej69
  • 3
  • 3
6 Comments
 
LVL 42

Expert Comment

by:sedgwick
ID: 33558022
you can't create OU in the middle of the structure if it's not under OU, that's why you get this error.instead you can create a group if it meets your requirements but not OU.
0
 

Author Comment

by:sej69
ID: 33558108
I'm not sure I understand...  It's not in the "middle" of the structure; it's at the top...?

I'm working on the auto group creation next.  I already have the user creation working flawlessly for the created OUs.
0
 
LVL 42

Accepted Solution

by:
sedgwick earned 500 total points
ID: 33558290
the szLDAPPath should be initialized with the "LDAP://" prefix:

example: "LDAP://dc=soap,dc=com"

then to add OU under root follow this code:

strPath = "LDAP://dc=soap,dc=com";
strOU = "OU=NewOU";

using(DirectoryEntry de = new DirectoryEntry(strPath)){
DirectoryEntry objOU = de.Children.Add(strOU,
                    "OrganizationalUnit");
                objOU.Properties["description"].Add(strDescription);
                objOU.CommitChanges();
}
0
3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

 
LVL 42

Expert Comment

by:sedgwick
ID: 33558299
replace strPath and strOU accordingly...

check http://msdn.microsoft.com/en-us/library/aa705902%28VS.85%29.aspx for a reference.
0
 

Author Comment

by:sej69
ID: 33559622
The issue above shows the path I'm using.  I am assigning LDAP://SERVER/DC=domain,DC=local

Again, it works ok if I have the base OU created.  I can then nest as may OUs under it as I want with the code listed above.

I used the link when I created the function to build the OUs.  However, the one difference is that they use o= , c= for referring to their AD.  But, as far as I can tell, that's LDAP and not AD.  AD doesn't have objects (o) or c (I'm not even sure what that would be referring to in LDAP...)
0
 

Author Closing Comment

by:sej69
ID: 34521369
Just doing code cleanup and this was on my list to fix.  I finally found the issue...

The line:

DirectoryEntry newchild = children.Add(szNewOUName, de.SchemaClassName);

needed to be:
DirectoryEntry newchild = children.Add(szNewOUName, "OrganizationalUnit");
0

Featured Post

DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

In my previous two articles we discussed Binary Serialization (http://www.experts-exchange.com/A_4362.html) and XML Serialization (http://www.experts-exchange.com/A_4425.html). In this article we will try to know more about SOAP (Simple Object Acces…
A long time ago (May 2011), I have written an article showing you how to create a DLL using Visual Studio 2005 to be hosted in SQL Server 2005. That was valid at that time and it is still valid if you are still using these versions. You can still re…
Along with being a a promotional video for my three-day Annielytics Dashboard Seminor, this Micro Tutorial is an intro to Google Analytics API data.
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question