Create user with System.DirectoryServices.AccountManagement
Greetings,
I'm getting a "referal returned by server" error. The error pointing to the usr.Name = "Jim Daly"; Below is my code. May someone help. Thank you.
PrincipalContext ctx = new PrincipalContext(
ContextType.Domain,
"fabrikam.com",
"OU=Florida, OU=Miami, DC=fabrikam,DC=com",
"administrator",
"securelyStoredPassword");
UserPrincipal usr = new UserPrincipal(ctx);
usr.Name = "Jim Daly";
usr.Description = "This is the user account for Jim Daly";
usr.EmailAddress = "jimdaly@fabrikam.com";
usr.SetPassword("securelyS
usr.Save();
usr.Dispose();
ctx.Dispose();
I'm getting a "referal returned by server" error. The error pointing to the usr.Name = "Jim Daly"; Below is my code. May someone help. Thank you.
PrincipalContext ctx = new PrincipalContext(
ContextType.Domain,
"fabrikam.com",
"OU=Florida, OU=Miami, DC=fabrikam,DC=com",
"administrator",
"securelyStoredPassword");
UserPrincipal usr = new UserPrincipal(ctx);
usr.Name = "Jim Daly";
usr.Description = "This is the user account for Jim Daly";
usr.EmailAddress = "jimdaly@fabrikam.com";
usr.SetPassword("securelyS
usr.Save();
usr.Dispose();
ctx.Dispose();
robasta
read here: http://serverfault.com/questions/61276/a-referral-was-returned-from-the-server-from-activedirectory-plugin
ASKER
Thanks for the article robasta.
I'm using a form instead of IIS. Connectivity seems to functioning, the error appears to point to user.Name = "Jim Daly"
I'm using a form instead of IIS. Connectivity seems to functioning, the error appears to point to user.Name = "Jim Daly"
ASKER
UserPrincipal usr = new UserPrincipal(ctx);
usr.GivenName = "John"; // ******************I get error here **************************
usr.Surname = "Doe";
usr.ExpirePasswordNow();
usr.Save();
usr.Dispose();
ctx.Dispose();
usr.GivenName = "John"; // ******************I get error here **************************
usr.Surname = "Doe";
usr.ExpirePasswordNow();
usr.Save();
usr.Dispose();
ctx.Dispose();
You need to pass a proper info to PrincipalContext
ie
"fabrikam.com" is not valid
if you copy exact code from here
http://msdn.microsoft.com/en-us/library/bb299773.aspx
ie
"fabrikam.com" is not valid
if you copy exact code from here
http://msdn.microsoft.com/en-us/library/bb299773.aspx
ASKER
Yes I know. I didn't put it like that but I didn't want to publish our actual hostname/domain names. The error seems to ben when assinging the "John" to usr.GivenName.
ASKER
We don't have a UAC policies for this workstation (xp pro).
Try binding to a specific domain controller by passing it's name to the constructor of the PrincipalContext object - i.e. instead of fabrikam.com use dc1.fabrikam.com.
ASKER
thanks tgerbert,
I tried that but still not working. Would it not stop at the PrincipleContext portion if I had an authentication issue or would it error on the user.GivenName portion?
I tried that but still not working. Would it not stop at the PrincipleContext portion if I had an authentication issue or would it error on the user.GivenName portion?
So far as I understand Active Directory, referrals are issued by a Domain Controller when it is unable to answer a query - for example, if you have more than one domain the forest and you ask for a list of users in a group the domain controller may refer you to another domain controller if those users are in a different domain than the DC servicing the query. How that applies to your current situation is a little unclear to me...are you sure this user doesn't already exist in your AD somewhere?
...or perhaps bind to a global catalog server (if you're not already).
Ahh...it's probably failing the query for the OU you're creating your user in.
Are you in a single-domain environment?
Are you in a single-domain environment?
ASKER
Yes this is a single domain environment.
In Active Directory management I have the following:
Active Directories Users and Computers -> domain.site.com -> Florida -> Miami -> Users
And I'm using:
PrincipalContext ctx = new PrincipalContext(
ContextType.Domain,
"ServerNameDC1.domain.site
"OU=Florida, OU=Miami, OU=Users, DC=ServerNameDC1,DC=com",
"adminuser",
"password");
UserPrincipal usr = new UserPrincipal(ctx);
usr.GivenName = "John"; //*********************** I get error here **************************
usr.Surname = "Doe";
I'm I supposed to be using the CN= attribute? I'm in the learning stages so please bare with me.
In Active Directory management I have the following:
Active Directories Users and Computers -> domain.site.com -> Florida -> Miami -> Users
And I'm using:
PrincipalContext ctx = new PrincipalContext(
ContextType.Domain,
"ServerNameDC1.domain.site
"OU=Florida, OU=Miami, OU=Users, DC=ServerNameDC1,DC=com",
"adminuser",
"password");
UserPrincipal usr = new UserPrincipal(ctx);
usr.GivenName = "John"; //*********************** I get error here **************************
usr.Surname = "Doe";
I'm I supposed to be using the CN= attribute? I'm in the learning stages so please bare with me.
No, CN would be one of the built-in containers like Domain.com->Users. If you have users in an organizational unit named "Users", inside an OU named Miami, etc, then your container's path will be OU=Users,OU=Miami,OU=Flori
Otherwise, if the users just sit in the "Miami" OU, then it'd be: OU=Miami,OU=Florida,DC=dom
Otherwise, if the users just sit in the "Miami" OU, then it'd be: OU=Miami,OU=Florida,DC=dom
ASKER
Thanks tgerbert,
shouldn't break during the PrincipleContext portion of the code other than when assigning GivenName. This is just incredibly puzzling because I've tried following all the guidance from MSDN and other sites on how this should be configured.
shouldn't break during the PrincipleContext portion of the code other than when assigning GivenName. This is just incredibly puzzling because I've tried following all the guidance from MSDN and other sites on how this should be configured.
If I deliberately put in a bad path for the container it doesn't give me an exception until I try to set a value on the UserPrincipal object.
ASKER
How should the PrincipleContext be configured if I want to test it on a Lab Domain Controller.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.