sej69
asked on
Create nested OUs with C# issue, unable to create OU in tree root
I was playing around with this several hours last night but I can't seem to figure out why this is happening...
I'm working on a C# application that, as one of its tasks, creates the OU structure based on certain rules. It works for the most part just as long as I create the first OU off the root of the AD structure. If I try to have my application create the first OU off the structure then I get the error: "The server is unwilling to process the request". Oh, I am using the master domain admin account to do this on my test server so rights shouldn't be an issue.
This is the function in question:
// Requires: using System; using System.DirectoryServices;
public static bool CreateOU(ref _stConfig stconfig, string szNewOUName, string szOUPath)
{
    string szLDAPPath = string.Empty;
    // Console.WriteLine(szOUPath);
    // Build the ADsPath of the parent container the new OU goes under.
    szLDAPPath += "LDAP://" + stconfig.szDomainServer + "/" + szOUPath;
    try
    {
        // Bind to the parent container.
        DirectoryEntry de = new DirectoryEntry(szLDAPPath, "Administrator", "mypass", AuthenticationTypes.ServerBind);
        // Console.WriteLine(szLDAPPath + "-" + szNewOUName + "-");
        DirectoryEntries children = de.Children;
        // The child is added with the same schema class as the parent entry.
        DirectoryEntry newchild = children.Add(szNewOUName, de.SchemaClassName);
        //newchild.Properties["ou"].Add("Auditing Department");
        newchild.CommitChanges();
        newchild.Close();
        de.Close();
    }
    catch (SystemException e)
    {
        Console.WriteLine("Error: {0}", e.Message);
        // Report the failure to the caller instead of falling through to "return true".
        return false;
    }
    return true;
}
The assembled path in the function looks something like this for the first OU:
"LDAP://myserver/DC=mydomain,DC=local"
I'm thinking that the above line could be the issue... I'm wondering if that is the proper reference for the root of a tree in an AD domain structure...
If I create the first OU by hand in AD and then run the application, it works with a path that looks like this:
"LDAP://myserver/OU=Buildings,DC=mydomain,DC=local"
You can't create an OU in the middle of the structure if it's not under an OU; that's why you get this error. Instead you can create a group if it meets your requirements, but not an OU.
ASKER
I'm not sure I understand... It's not in the "middle" of the structure; it's at the top...?
I'm working on the auto group creation next. I already have the user creation working flawlessly for the created OUs.
ASKER CERTIFIED SOLUTION
Replace strPath and strOU accordingly...
Check http://msdn.microsoft.com/en-us/library/aa705902%28VS.85%29.aspx for a reference.
ASKER
The issue above shows the path I'm using. I am assigning LDAP://SERVER/DC=domain,DC=local
Again, it works OK if I have the base OU created. I can then nest as many OUs under it as I want with the code listed above.
I used the link when I created the function to build the OUs. However, the one difference is that they use o= , c= for referring to their AD. But, as far as I can tell, that's LDAP and not AD. AD doesn't have objects (o) or c (I'm not even sure what that would be referring to in LDAP...)
ASKER
Just doing code cleanup and this was on my list to fix. I finally found the issue...
The line:
DirectoryEntry newchild = children.Add(szNewOUName, de.SchemaClassName);
needed to be:
DirectoryEntry newchild = children.Add(szNewOUName, "OrganizationalUnit");
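The fix from the last post, as an added example that is not code from the thread: at the domain root the parent entry's SchemaClassName is domainDNS rather than organizationalUnit, so the child class has to be named explicitly. OuBuilder, ValidateOuName and EnsureOuChain are hypothetical names; the sketch assumes the process already runs as an account allowed to create OUs (no password in source) and rejects names containing DN metacharacters.

```csharp
using System;
using System.DirectoryServices;
using System.Runtime.InteropServices;

public static class OuBuilder
{
    // Reject names that could smuggle extra DN or ADsPath components into the path.
    public static void ValidateOuName(string name)
    {
        if (string.IsNullOrWhiteSpace(name) || name != name.Trim() ||
            name.IndexOfAny(",+\"\\<>;=/#".ToCharArray()) >= 0)
            throw new ArgumentException("Invalid OU name: " + name);
    }

    // Creates the OUs in ouNames nested in order, the first directly under domainDn.
    // Returns false on a directory error; an invalid name throws before any bind.
    public static bool EnsureOuChain(string server, string domainDn, params string[] ouNames)
    {
        foreach (string name in ouNames) ValidateOuName(name);
        string parentDn = domainDn;
        try
        {
            foreach (string name in ouNames)
            {
                string rdn = "OU=" + name;
                string childDn = rdn + "," + parentDn;
                if (!DirectoryEntry.Exists("LDAP://" + server + "/" + childDn))
                {
                    // Binds as the calling process identity, so no password sits in source.
                    using (var parent = new DirectoryEntry("LDAP://" + server + "/" + parentDn))
                    // Class named explicitly: parent.SchemaClassName is "domainDNS" at the root.
                    using (DirectoryEntry ou = parent.Children.Add(rdn, "organizationalUnit"))
                    {
                        ou.CommitChanges();
                    }
                }
                parentDn = childDn;
            }
            return true;
        }
        catch (COMException e)
        {
            Console.Error.WriteLine("OU creation below {0} failed: {1}", parentDn, e.Message);
            return false;
        }
    }
}
```

With the thread's sample values, the call would be `OuBuilder.EnsureOuChain("myserver", "DC=mydomain,DC=local", "Buildings")`, followed by any nested OU names as further arguments.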