P
Peter Bradley
I'm trying to use System.DirectoryServices to update Active Directory from a
Web Service. When I try to commit the changes, I get the following error
message:
"A constraint violation occurred. (Exception from HRESULT: 0x8007202F)"
My code is like this:
<code>
*** method signature and stuff ***
try
{
*** Some other code *** (assignments etc)
// Connect to the Art and Design school directory entry
DirectoryEntry de = new
DirectoryEntry("LDAP://oursever.our.domain:389/OU=Art and
Design,OU=Student,OU=Development,OU=User
Accounts,DC=internal,DC=uwic,DC=ac,DC=uk", "AnAdminUser", "apwd");
// Get the children of the directory entry and then add to the Children
collection
DirectoryEntries users = null; // The Children Collection
DirectoryEntry user; // The user to Add()
if (de != null)
users = de.Children; // Throws COMException on failure
else
throw new Exception("The Directory Entry is null");
// Add the new child, passing in the
user = users.Add("CN=asurname aforename(dv04002701)", "user");
user.Properties["distinguishedName"].Add("CN=asurname
aforename(dv04002701),OU=Art and Design,OU=Student,OU=User Accounts);
user.Properties["cn"].Add("asurname aforename(dv04002701)");
user.Properties["description"].Add(aString);
user.Properties["title"].Add(aString);
user.Properties["givenName"].Add(aForename);
user.Properties["displayName"].Add(aSurname + ", " + aForename);
user.Properties["company"].Add(anEmailAddress);
user.Properties["mail"].Add("dv04002701");
user.Properties["name"].Add(aSurname.ToLower() + " " + aForename.ToLower() +
"(dv04002701)");
user.Properties["userPassword"].Add(aPassword);
//user.Properties["accountDisabled"].Add(false); // Gives error "The
specified directory service attribute or value does not exist." if included
//user.Properties["passwordExpired"].Add(false); // Gives error "The
specified directory service attribute or value does not exist." if included
user.Properties["objectCategory"].Add(anObjectCategory);
user.Properties["objectClass"].Add(anObjectClass);
user.Properties["sAMAccountName"].Add("dv04002701");
user.Properties["instanceType"].Add(4);
user.CommitChanges();
}
catch (COMException ce)
{
string m = ce.Message; // For debug only
throw RaiseException("GetException", "WSSoapException", ce.Message,
"2000", ce.Source, FaultCode.Server);
}
catch (Exception ex)
{
string m = ex.Message; // For debug only
throw RaiseException("GetException", "WSSoapException", ex.Message,
"2000", ex.Source, FaultCode.Server);
}
</code>
According to ADSI Edit, the following fields are mandatory:
- cn
- instanceType
- objectCategory
- objectClass
- sAMAccountName
The user I give has full permissions on Active Directory.
The exception is thrown on the call to CommitChanges().
Putting CommitChanges immediately after the call to Add() gives the same
error. Calling RefreshCache() on the DirecoryEntry (de) immediately after
the call to Add() returns with no error.
Can anyone help?
Peter
Web Service. When I try to commit the changes, I get the following error
message:
"A constraint violation occurred. (Exception from HRESULT: 0x8007202F)"
My code is like this:
<code>
*** method signature and stuff ***
try
{
*** Some other code *** (assignments etc)
// Connect to the Art and Design school directory entry
DirectoryEntry de = new
DirectoryEntry("LDAP://oursever.our.domain:389/OU=Art and
Design,OU=Student,OU=Development,OU=User
Accounts,DC=internal,DC=uwic,DC=ac,DC=uk", "AnAdminUser", "apwd");
// Get the children of the directory entry and then add to the Children
collection
DirectoryEntries users = null; // The Children Collection
DirectoryEntry user; // The user to Add()
if (de != null)
users = de.Children; // Throws COMException on failure
else
throw new Exception("The Directory Entry is null");
// Add the new child, passing in the
user = users.Add("CN=asurname aforename(dv04002701)", "user");
user.Properties["distinguishedName"].Add("CN=asurname
aforename(dv04002701),OU=Art and Design,OU=Student,OU=User Accounts);
user.Properties["cn"].Add("asurname aforename(dv04002701)");
user.Properties["description"].Add(aString);
user.Properties["title"].Add(aString);
user.Properties["givenName"].Add(aForename);
user.Properties["displayName"].Add(aSurname + ", " + aForename);
user.Properties["company"].Add(anEmailAddress);
user.Properties["mail"].Add("dv04002701");
user.Properties["name"].Add(aSurname.ToLower() + " " + aForename.ToLower() +
"(dv04002701)");
user.Properties["userPassword"].Add(aPassword);
//user.Properties["accountDisabled"].Add(false); // Gives error "The
specified directory service attribute or value does not exist." if included
//user.Properties["passwordExpired"].Add(false); // Gives error "The
specified directory service attribute or value does not exist." if included
user.Properties["objectCategory"].Add(anObjectCategory);
user.Properties["objectClass"].Add(anObjectClass);
user.Properties["sAMAccountName"].Add("dv04002701");
user.Properties["instanceType"].Add(4);
user.CommitChanges();
}
catch (COMException ce)
{
string m = ce.Message; // For debug only
throw RaiseException("GetException", "WSSoapException", ce.Message,
"2000", ce.Source, FaultCode.Server);
}
catch (Exception ex)
{
string m = ex.Message; // For debug only
throw RaiseException("GetException", "WSSoapException", ex.Message,
"2000", ex.Source, FaultCode.Server);
}
</code>
According to ADSI Edit, the following fields are mandatory:
- cn
- instanceType
- objectCategory
- objectClass
- sAMAccountName
The user I give has full permissions on Active Directory.
The exception is thrown on the call to CommitChanges().
Putting CommitChanges immediately after the call to Add() gives the same
error. Calling RefreshCache() on the DirecoryEntry (de) immediately after
the call to Add() returns with no error.
Can anyone help?
Peter