在带有 C# 错误的 Active Directory 中创建用户 [英] Creating user in Active Directory with C# errors
问题描述
我正在尝试在我的域中的特定 OU 中创建用户.这是我得到的
I am trying to create a user in a specific OU in my domain. Here's what I got
public static string ldapPath = "LDAP://OU=Domain Users,DC=contoso,DC=com";
public static string CreateUserAccount(string userName, string userPassword)
{
DirectoryEntry ldapConnection = new DirectoryEntry("contoso.com");
ldapConnection.Path = ldapPath;
DirectoryEntry user = ldapConnection.Children.Add("CN=" + userName, "user");
return user.Guid.ToString();
}
如果我删除 OU=Domain Users,它就可以工作,并且我会收到一个 Guid.但是,我的 OU 中需要这些帐户.我从 AD 用户和计算机中的 OU 本身复制了 ldapPath.我知道这是正确的.
If I remove the OU=Domain Users, it works, and I receive a Guid. However I need these accounts in my OU. I copied the ldapPath from the OU itself in AD Users and Computers. I know it's correct.
我得到的错误是
System.Runtime.InteropServices.COMException (0x80005009): The specified directory object is not bound to a remote resource
at System.DirectoryServices.DirectoryEntry.RefreshCache()
at System.DirectoryServices.DirectoryEntry.FillCache(String propertyName)
at System.DirectoryServices.DirectoryEntry.get_NativeGuid()
at System.DirectoryServices.DirectoryEntry.get_Guid()
at ADINtegrationTest.ActiveDirectory.CreateUserAccount(String userName, String userPassword) in D:\_dataADINtegrationTestADINtegrationTestActiveDirectoryUtils.cs:line 21
at ADINtegrationTest.Form1.Form1_Load(Object sender, EventArgs e) in D:\_dataADINtegrationTestADINtegrationTestForm1.cs:line 32
我在域的成员 Win2k8 服务器上运行它,以域管理员身份登录.我最终需要在另一个 OU 下的一个 OU 中创建它,但让我们从这个开始.
I'm running this on a member Win2k8 server to the domain, logged in as domain administrator. I will eventually need to create it in an OU under another OU, but lets start with this one.
感谢您的帮助!大卫
推荐答案
如果您使用 .NET 3.5 及更高版本,您应该查看 System.DirectoryServices.AccountManagement
(S.DS.AM) 命名空间.在此处阅读所有相关信息:
If you're on .NET 3.5 and up, you should check out the System.DirectoryServices.AccountManagement
(S.DS.AM) namespace. Read all about it here:
基本上,您可以定义域上下文并轻松找到 AD 中的用户和/或组:
Basically, you can define a domain context and easily find users and/or groups in AD:
// set up domain context
PrincipalContext ctx = new PrincipalContext(ContextType.Domain);
// create a user principal object
UserPrincipal user = new UserPrincipal(ctx, "User1Acct", "pass@1w0rd01", true);
// assign some properties to the user principal
user.GivenName = "User";
user.Surname = "One";
// force the user to change password at next logon
user.ExpirePasswordNow();
// save the user to the directory
user.Save();
新的 S.DS.AM 使在 AD 中与用户和组一起玩变得非常容易!
The new S.DS.AM makes it really easy to play around with users and groups in AD!
这篇关于在带有 C# 错误的 Active Directory 中创建用户的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!