Got COM ERROR when retrieving user members from a group.

Posted on 2014-12-18
Last Modified: 2014-12-19
I'm using vs2012, C#.
I'm bind to AD object class=group.  It contains members that are AD accounts of objectclass=user.
I used the code I found on MSDN,,  but it wont' compile so I added either Object or UserPricipal in the IEnumerable part of the code and both gets me the error below.  What class type do I use for the user object for IEnumerable?

DirectoryEntry group = new DirectoryEntry("LDAP://CN=Sales,DC=Fabrikam,DC=COM");
object members = group.Invoke("Members", null);
foreach(object member in (IEnumerable<object>)members)
    DirectoryEntry x = new DirectoryEntry(member);

"System.InvalidCastException: Unable to cast COM object of type 'System.__ComObject' to interface type 'System.Collections.Generic.IEnumerable`1[System.Object]'. This operation failed because the QueryInterface call on the COM component for the interface with IID '{AEF9EC8A-1E73-365B-8DA2-800A3A6166E6}' failed due to the following error: No such interface supported (Exception from HRESULT: 0x80004002 (E_NOINTERFACE)).\r\n   at

I change the code to

foreach (object groupMember in group.Properties["member"])

then it breaks at the next line at

DirectoryEntry member = new DirectoryEntry(groupMember);

And now I get error

-            $exception      {"The value provided for adsObject does not implement IADs."}      System.Exception {System.ArgumentException}
Question by:lapucca
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
LVL 23

Accepted Solution

Michael Fowler earned 500 total points
ID: 40508460
Try using PrincipalContext

PrincipalContext AD = new PrincipalContext(ContextType.Domain, Sales);
UserPrincipal u = new UserPrincipal(AD);
PrincipalSearcher search = new PrincipalSearcher(u);
Foreach (UserPrincipal result in search.FindAll())

Open in new window

Here are some methods that have worked for me previously and exports all users to a file in csv format
      void GetAllADUSersForDomain(string outputFile, string domain)
         PrincipalContext AD = new PrincipalContext(ContextType.Domain, domain);
         UserPrincipal u = new UserPrincipal(AD);
         PrincipalSearcher search = new PrincipalSearcher(u);

         using (StreamWriter sw = new StreamWriter(outputFile, true))
            sw.WriteLine("Domain,User Name,Staff Number,Email,OU");

            foreach (UserPrincipal result in search.FindAll())
               if (result.DisplayName != null)
                  sw.WriteLine(string.Concat(domain, ",", 
                               result.SamAccountName, ",", 
                               result.EmployeeId, ",", 
                               result.EmailAddress, ",", 

      private static string GetOU(string distinguishedName)
         string[] arr = distinguishedName.Split(',');
         for (int i = 0; i < arr.Length; i++)
            if (arr[i].Substring(0, 2) == "OU")
               return arr[i].Substring(3);
         return null;

Open in new window


Author Comment

ID: 40509558
I was thinking about putting all user returned as a DirectoryEntry objct and store in a general colleciton, List<DirectoryEntry>  I want to bind that to a gridview control showing about 6 properties and allow users to change them.  Do you think that's a good way to do it or even doable?

In your fist code example, this code returns all users in the domain, I think.  I would like to retrieve all members (all their user information as an object so can be updated by user in my app) in a Security group only.  I can bind to that Security Group(or user group), I can see looping through it showing all the users members in it, cn=xxxx, ou=xxx, DC=xxx, Dc=xxx...
How can I put these users in a collection, bind it to a gridview?

Thank you.

Author Comment

ID: 40509840
Okay, I used the properties method and what's returned is the DN of the user object so I create new DirectoryEntry object using that to obtain the user object.  Thank you for your help.  
My next challenge is how to allow user editing and writing back to AD.  maybe you can help too.
Thank you.

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
The article shows the basic steps of integrating an HTML theme template into an ASP.NET MVC project
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question