将AD用户从一个OU移动到另一个OU，其中c＃在dev服务器中工作而不在生产服务器上 [英] Move AD user from one OU to another OU with c# working in dev server not on production server

问题描述

 
 
 
 
 
 var pc = new PrincipalContext（ContextType .Domain，"domaincontroller"，"DC = domain，DC = main"，"adminusername"，"密码";）; 
 // PrincipalContext principalContext = new PrincipalContext（ContextType.Domain）; 
 UserPrincipal userPrincipal = UserPrincipal.FindByIdentity（pc，_ADUserName）; 
 userPrincipal.Enabled = false; 
 userPrincipal.Save（）;禁用用户后，
 
必须移至AD中的termpending（OU），
 
 var domain = new PrincipalContext（ContextType.Domain，" domaincontroller"，" DC = domain，DC = main"，" domainadminusername"，" password"）; 
 var user = UserPrincipal.FindByIdentity（domain，_ADUserName）; 
 DirectoryEntry eLocation = new DirectoryEntry（" LDAP：//" + user.DistinguishedName，" domainadminusername"，" password"）; 
 DirectoryEntry nLocation = new DirectoryEntry（" LDAP：// OU = * Term *，DC = domain，DC = main"，" domainadminusername"，" password"）; 
 eLocation.MoveTo（nLocation）; 
 eLocation.Close（）; 
此代码在dev中工作但不在生产（sharepoint visual webpart）中，目录条目服务无法在远程AD中找到用户。 
 
我可以禁用该帐户。将用户移动到另一个位置不适用于生产。 
 
我观察到，DEV服务器激活了活动目录服务，生产时我们没有激活AD服务（未安装AD）。
 
 请告诉我们如何处理它。 
 
 
提前感谢您的帮助。
 

解决方案

您好，

代码似乎正在您在Dev Environment中测试过。如果要移动AD用户，则需要为这两个域配置Active Directory服务，您可以参考以下博客中的步骤启用Active Directory域服务，然后再次尝试
：

循序渐进：在Windows Server 2016中设置Active Directory

谢谢

最佳此致

 var pc = new PrincipalContext(ContextType.Domain, "domaincontroller", "DC=domain,DC=main", "adminusername", "password");
                // PrincipalContext principalContext = new PrincipalContext(ContextType.Domain);
                UserPrincipal userPrincipal = UserPrincipal.FindByIdentity(pc, _ADUserName);
                userPrincipal.Enabled = false;
                userPrincipal.Save();

after disabling the user have to move to termpending(OU) in AD,

var domain = new PrincipalContext(ContextType.Domain, "domaincontroller", "DC=domain,DC=main", "domainadminusername", "password");
                var user = UserPrincipal.FindByIdentity(domain, _ADUserName);
                DirectoryEntry eLocation = new DirectoryEntry("LDAP://" + user.DistinguishedName, "domainadminusername", "password");
                DirectoryEntry nLocation = new DirectoryEntry("LDAP://OU=*Term*,DC=domain,DC=main", "domainadminusername", "password");
                eLocation.MoveTo(nLocation);
                eLocation.Close();
this code is working in dev but not in production(sharepoint visual webpart) the directory entry service was unable to find user in remote AD.

i am able to disable the account. Moving user to another location is not working in Production. 
I have observed that, DEV server has active directory services activated, where as production we didn't activated AD services(AD was not installed).
Could you please let us know how to handle it.

Thanks in advance for your help.

解决方案

Hi,

The code seems working as you have tested in Dev Environment. And if want to move AD User, it is necessary to configure Active Directory Service for both domain, you could refer steps in the following blog to enable Active Directory Domain Services and then try again:

Step-By-Step: Setting up Active Directory in Windows Server 2016

Thanks

Best Regards

这篇关于将AD用户从一个OU移动到另一个OU，其中c＃在dev服务器中工作而不在生产服务器上的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！