Solved

Create nested OUs with C# issue, unable to create OU in tree root

Posted on 2010-08-30
6
891 Views
Last Modified: 2013-12-17
I was playing around with this several hours last night but I can't seem to figure out why this is happening...

I'm working on a C# application that one of it's tasks is to create the OU structure based on certain rules.  It works for the most part just as long as I create the first OU off the root of the AD structure.  If I try to have my application create the first OU off the structure then I get the error: "The server is unwilling to process the request".  Oh, I am usign the master domain admin account to do this on my test server so rights shouldn't be an issue.

This is the function in question:

        public static bool CreateOU(ref _stConfig stconfig, string szNewOUName, string szOUPath)
        {
            string szLDAPPath = string.Empty;
//            Console.WriteLine(szOUPath);
            szLDAPPath += "LDAP://" + stconfig.szDomainServer + "/" + szOUPath;

            try
            {
                DirectoryEntry de = new DirectoryEntry(szLDAPPath, "Administrator", "mypass", AuthenticationTypes.ServerBind);
//                Console.WriteLine(szLDAPPath + "-" + szNewOUName + "-");
                DirectoryEntries children = de.Children;
                DirectoryEntry newchild = children.Add(szNewOUName, de.SchemaClassName);
                //newchild.Properties["ou"].Add("Auditing Department");
                newchild.CommitChanges();
                newchild.Close();
                de.Close();
            }
            catch (SystemException e)
            {
                Console.WriteLine("Error: {0}", e.Message);
            }


            return true;
        }

Open in new window


The assembled path in the function looks something like this for the first OU:
"LDAP://myserver/DC=mydomain,DC=local"

I'm thinking that the above line could be the issue..  I'm wondering if that is the proper reference for the root of a tree in an AD domain structure...

if I create the first OU by hand in AD then run the application it works with a path that looks like this:
"LDAP://myserver/OU=Buildings,DC=mydomain,DC=local"
0
Comment
Question by:sej69
  • 3
  • 3
6 Comments
 
LVL 42

Expert Comment

by:sedgwick
ID: 33558022
you can't create OU in the middle of the structure if it's not under OU, that's why you get this error.instead you can create a group if it meets your requirements but not OU.
0
 

Author Comment

by:sej69
ID: 33558108
I'm not sure I understand...  It's not in the "middle" of the structure; it's at the top...?

I'm working on the auto group creation next.  I already have the user creation working flawlessly for the created OUs.
0
 
LVL 42

Accepted Solution

by:
sedgwick earned 500 total points
ID: 33558290
the szLDAPPath should be initialized with the "LDAP://" prefix:

example: "LDAP://dc=soap,dc=com"

then to add OU under root follow this code:

strPath = "LDAP://dc=soap,dc=com";
strOU = "OU=NewOU";

using(DirectoryEntry de = new DirectoryEntry(strPath)){
DirectoryEntry objOU = de.Children.Add(strOU,
                    "OrganizationalUnit");
                objOU.Properties["description"].Add(strDescription);
                objOU.CommitChanges();
}
0
Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

 
LVL 42

Expert Comment

by:sedgwick
ID: 33558299
replace strPath and strOU accordingly...

check http://msdn.microsoft.com/en-us/library/aa705902%28VS.85%29.aspx for a reference.
0
 

Author Comment

by:sej69
ID: 33559622
The issue above shows the path I'm using.  I am assigning LDAP://SERVER/DC=domain,DC=local

Again, it works ok if I have the base OU created.  I can then nest as may OUs under it as I want with the code listed above.

I used the link when I created the function to build the OUs.  However, the one difference is that they use o= , c= for referring to their AD.  But, as far as I can tell, that's LDAP and not AD.  AD doesn't have objects (o) or c (I'm not even sure what that would be referring to in LDAP...)
0
 

Author Closing Comment

by:sej69
ID: 34521369
Just doing code cleanup and this was on my list to fix.  I finally found the issue...

The line:

DirectoryEntry newchild = children.Add(szNewOUName, de.SchemaClassName);

needed to be:
DirectoryEntry newchild = children.Add(szNewOUName, "OrganizationalUnit");
0

Featured Post

MIM Survival Guide for Service Desk Managers

Major incidents can send mastered service desk processes into disorder. Systems and tools produce the data needed to resolve these incidents, but your challenge is getting that information to the right people fast. Check out the Survival Guide and begin bringing order to chaos.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This document covers how to connect to SQL Server and browse its contents.  It is meant for those new to Visual Studio and/or working with Microsoft SQL Server.  It is not a guide to building SQL Server database connections in your code.  This is mo…
Exception Handling is in the core of any application that is able to dignify its name. In this article, I'll guide you through the process of writing a DRY (Don't Repeat Yourself) Exception Handling mechanism, using Aspect Oriented Programming.
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question