  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1052

Create user with System.DirectoryServices.AccountManagement

Greetings,
I'm getting a "referral returned by server" error. The error points to the line usr.Name = "Jim Daly"; below is my code. Can someone help? Thank you.

PrincipalContext ctx = new PrincipalContext(
                                         ContextType.Domain,
                                         "fabrikam.com",
                                         "OU=Florida, OU=Miami, DC=fabrikam,DC=com",
                                         "administrator",
                                         "securelyStoredPassword");

UserPrincipal usr = new UserPrincipal(ctx);

usr.Name = "Jim Daly";
usr.Description = "This is the user account for Jim Daly";
usr.EmailAddress = "jimdaly@fabrikam.com";
usr.SetPassword("securelyStoredPassword");
usr.Save();

usr.Dispose();
ctx.Dispose();

Asked by: centem

centem (Author) Commented:
Thanks for the article robasta.
I'm using a form instead of IIS. Connectivity seems to be functioning; the error appears to point to user.Name = "Jim Daly"

centem (Author) Commented:
    UserPrincipal usr = new UserPrincipal(ctx);
            usr.GivenName = "John";      // ******************I get error here *****************************************
            usr.Surname = "Doe";
            usr.ExpirePasswordNow();
            usr.Save();

            usr.Dispose();
            ctx.Dispose();
 
EDDYKT Commented:
You need to pass proper info to PrincipalContext,
i.e. "fabrikam.com" is not valid if you copied the exact code from here:
http://msdn.microsoft.com/en-us/library/bb299773.aspx

centem (Author) Commented:
Yes, I know. I didn't put it like that, but I didn't want to publish our actual hostname/domain names. The error seems to be when assigning "John" to usr.GivenName.

centem (Author) Commented:
We don't have any UAC policies for this workstation (XP Pro).

Todd Gerbert (IT Consultant) Commented:
Try binding to a specific domain controller by passing its name to the constructor of the PrincipalContext object - i.e. instead of fabrikam.com use dc1.fabrikam.com.

centem (Author) Commented:
Thanks tgerbert,
I tried that but it's still not working. Would it not stop at the PrincipalContext portion if I had an authentication issue, or would it error on the user.GivenName portion?

Todd Gerbert (IT Consultant) Commented:
So far as I understand Active Directory, referrals are issued by a Domain Controller when it is unable to answer a query - for example, if you have more than one domain in the forest and you ask for a list of users in a group, the domain controller may refer you to another domain controller if those users are in a different domain than the DC servicing the query. How that applies to your current situation is a little unclear to me... are you sure this user doesn't already exist in your AD somewhere?

Todd Gerbert (IT Consultant) Commented:
...or perhaps bind to a global catalog server (if you're not already).

Todd Gerbert (IT Consultant) Commented:
Ahh...it's probably failing the query for the OU you're creating your user in.

Are you in a single-domain environment?

centem (Author) Commented:
Yes this is a single domain environment.

In Active Directory management I have the following:
Active Directories Users and Computers -> domain.site.com -> Florida -> Miami -> Users

And I'm using:
PrincipalContext ctx = new PrincipalContext(
                                                     ContextType.Domain,
                                                     "ServerNameDC1.domain.site.com",
                                                     "OU=Florida, OU=Miami, OU=Users, DC=ServerNameDC1,DC=com",
                                                     "adminuser",
                                                     "password");

            UserPrincipal usr = new UserPrincipal(ctx);

            usr.GivenName = "John"; //*********************** I get error here ********************************
            usr.Surname = "Doe";

Am I supposed to be using the CN= attribute? I'm in the learning stages, so please bear with me.

Todd Gerbert (IT Consultant) Commented:
No, CN would be one of the built-in containers like Domain.com->Users. If you have users in an organizational unit named "Users", inside an OU named Miami, etc., then your container's path will be OU=Users,OU=Miami,OU=Florida,DC=domain,DC=com - or OU=Users,OU=Miami,OU=Florida,DC=site,DC=domain,DC=com, depending on what your domain's name actually is.

Otherwise, if the users just sit in the "Miami" OU, then it'd be: OU=Miami,OU=Florida,DC=domain,DC=com - or OU=Miami,OU=Florida,DC=site,DC=domain,DC=com

centem (Author) Commented:
Thanks tgerbert,
shouldn't it break during the PrincipalContext portion of the code rather than when assigning GivenName? This is just incredibly puzzling because I've tried following all the guidance from MSDN and other sites on how this should be configured.

Todd Gerbert (IT Consultant) Commented:
If I deliberately put in a bad path for the container it doesn't give me an exception until I try to set a value on the UserPrincipal object.

centem (Author) Commented:
How should the PrincipalContext be configured if I want to test it on a lab domain controller?

Todd Gerbert (IT Consultant) Commented:
It'll be configured the same, just adjust the server and domain names accordingly, and build your container's LDAP path by starting with most specific item on the left, and going up the AD tree to the right, e.g. given:

fabrikam.com
|
+--California
|   |
|   +--LA
|      |
|      +--Marketing
|         |
|         +--Users
|            |
|            |--Bob
|            |
|            |--Ron
|            |
|         +--Computers
|            |
|            |--WRKSTN1
|            |
|            |--WRKSTN2
|            |
|      
|      +--Sales
|         |
|         +--Users
|            |
|            |--John
|            |
|            |--Joe
|            |
|         +--Computers
|            |
|            |--WRKSTN3
|            |
|            |--WRKSTN4
|            |
|
|
+--Florida
|   |
|   +--Miami
|      |
|      +--Marketing
|         |
|         +--Users
|            |
|            |--Jack
|            |
|            |--Jeff
|            |
|         +--Computers
|            |
|            |--WRKSTN5
|            |
|            |--WRKSTN6
|            |
|      |
|      +--Sales
|         |
|         +--Users
|            |
|            |--Sue
|            |
|            |--Sally
|            |
|         +--Computers
|            |
|            |--WRKSTN7
|            |
|            |--WRKSTN8
|            |

If you wanted to create a user in Miami's marketing department, your container LDAP path would look like: OU=Users,OU=Marketing,OU=Miami,OU=Florida,DC=fabrikam,DC=com
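
As an added example (not part of the original thread and not any poster's code), this C# helper builds the container path the way the last answer describes, most specific OU first, and checks whether a container string's DC components spell out the domain being bound to. The class and method names are hypothetical; the sample strings are taken from the posts above.

```csharp
using System;
using System.Linq;
using System.Text;

static class ContainerDn   // hypothetical helper, not a System.DirectoryServices type
{
    // Escape one RDN value per RFC 4514 so an OU name such as "R&D, East" cannot alter the DN structure.
    static string EscapeRdn(string value)
    {
        if (string.IsNullOrEmpty(value)) throw new ArgumentException("empty OU name");
        var sb = new StringBuilder();
        for (int i = 0; i < value.Length; i++)
        {
            char c = value[i];
            bool edge = (i == 0 && (c == ' ' || c == '#')) || (i == value.Length - 1 && c == ' ');
            if (edge || ",+\"\\<>;".IndexOf(c) >= 0) sb.Append('\\');
            sb.Append(c);
        }
        return sb.ToString();
    }

    // ouPath is listed top-down, the way the tree reads in Active Directory Users and Computers.
    public static string Build(string dnsDomain, params string[] ouPath)
    {
        var ous = Enumerable.Reverse(ouPath).Select(ou => "OU=" + EscapeRdn(ou)); // most specific first
        var dcs = dnsDomain.Split('.').Select(label => "DC=" + label);
        return string.Join(",", ous.Concat(dcs));
    }

    // True when the DC components of containerDn, read left to right, spell out dnsDomain.
    // Simplification: splits on every comma, so it assumes no escaped commas in the DC part.
    public static bool IsInDomain(string containerDn, string dnsDomain)
    {
        var dcs = containerDn.Split(',')
            .Select(p => p.Trim())
            .Where(p => p.StartsWith("DC=", StringComparison.OrdinalIgnoreCase))
            .Select(p => p.Substring(3));
        return string.Equals(string.Join(".", dcs), dnsDomain, StringComparison.OrdinalIgnoreCase);
    }

    static void Main()
    {
        // Path for Miami's marketing users in the fabrikam.com tree drawn above.
        Console.WriteLine(Build("fabrikam.com", "Florida", "Miami", "Marketing", "Users"));
        // Container string as posted earlier in the thread, checked against the posted domain name.
        string posted = "OU=Florida, OU=Miami, OU=Users, DC=ServerNameDC1,DC=com";
        Console.WriteLine(IsInDomain(posted, "domain.site.com"));
    }
}
```

The string returned by Build is what goes in the container argument of the PrincipalContext constructor; running the IsInDomain check first surfaces a mismatched path before the first property assignment on the UserPrincipal throws.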