Trying to get a name from Active Directory with DirectoryServices

[jmDesktop]

Can someone tell me why I get this error?

System.DirectoryServices.DirectoryServicesCOMException was unhandled
Message="An operations error occurred.\r\n"
Source="System.DirectoryServices"
ErrorCode=-2147016672
ExtendedError=8406
ExtendedErrorMessage="000020D6: SvcErr: DSID-03100684, problem 5012
(DIR_ERROR), data 0\n"


From:

private void Form1_Load(object sender, EventArgs e)
{
DirectoryEntry group = new DirectoryEntry("LDAP://CN=MyDomain"); //
represents your group you wish to look at

using (group)
{
DirectorySearcher ds = new DirectorySearcher(
group,
"(&(objectClass=user)(objectCategory=person))", //only
retrieve user objects
new string[]{"sAMAccountName"}
);

//the part the you really need to do is next two lines
ds.SearchScope = SearchScope.Base;
ds.AttributeScopeQuery = "member";

using (SearchResultCollection src = ds.FindAll())
{
foreach (SearchResult sr in src)
sr.Properties["sAMAccountName"][0].ToString();
}
}

}
}

 

[Peter Bradley]

On what line does the error occur?

Peter

 

[Willy Denoyette [MVP]]

Can someone tell me why I get this error?

System.DirectoryServices.DirectoryServicesCOMException was unhandled
Message="An operations error occurred.\r\n"
Source="System.DirectoryServices"
ErrorCode=-2147016672
ExtendedError=8406
ExtendedErrorMessage="000020D6: SvcErr: DSID-03100684, problem 5012
(DIR_ERROR), data 0\n"


From:

private void Form1_Load(object sender, EventArgs e)
{
DirectoryEntry group = new DirectoryEntry("LDAP://CN=MyDomain"); //
represents your group you wish to look at

using (group)
{
DirectorySearcher ds = new DirectorySearcher(
group,
"(&(objectClass=user)(objectCategory=person))", //only
retrieve user objects
new string[]{"sAMAccountName"}
);

//the part the you really need to do is next two lines
ds.SearchScope = SearchScope.Base;
ds.AttributeScopeQuery = "member";

using (SearchResultCollection src = ds.FindAll())
{
foreach (SearchResult sr in src)
sr.Properties["sAMAccountName"][0].ToString();
}
}

}
}

That's because the current user running this code is not a domain user, and as such has no
access permissions to the AD.
To solve this issue, either run this code as a domain user or specify explicitly credentials
in your DirectoryEntry constructor.

Willy.

 

[jmDesktop]

Can someone tell me why I get this error?

System.DirectoryServices.DirectoryServicesCOMException was unhandled
Message="An operations error occurred.\r\n"
Source="System.DirectoryServices"
ErrorCode=-2147016672
ExtendedError=8406
ExtendedErrorMessage="000020D6: SvcErr: DSID-03100684, problem 5012
(DIR_ERROR), data 0\n"

private void Form1_Load(object sender, EventArgs e)
{
DirectoryEntry group = new DirectoryEntry("LDAP://CN=MyDomain"); //
represents your group you wish to look at

using (group)
{
DirectorySearcher ds = new DirectorySearcher(
group,
"(&(objectClass=user)(objectCategory=person))", //only
retrieve user objects
new string[]{"sAMAccountName"}
);

//the part the you really need to do is next two lines
ds.SearchScope = SearchScope.Base;
ds.AttributeScopeQuery = "member";

using (SearchResultCollection src = ds.FindAll())
{
foreach (SearchResult sr in src)
sr.Properties["sAMAccountName"][0].ToString();
}
}

}
}

That's because the current user running this code is not a domain user, and as such has no
access permissions to the AD.
To solve this issue, either run this code as a domain user or specify explicitly credentials
in your DirectoryEntry constructor.

Willy.- Hide quoted text -

- Show quoted text -

I am the domain admin, does it try and run it under another process?

 

[Willy Denoyette [MVP]]

Can someone tell me why I get this error?

System.DirectoryServices.DirectoryServicesCOMException was unhandled
Message="An operations error occurred.\r\n"
Source="System.DirectoryServices"
ErrorCode=-2147016672
ExtendedError=8406
ExtendedErrorMessage="000020D6: SvcErr: DSID-03100684, problem 5012
(DIR_ERROR), data 0\n"

private void Form1_Load(object sender, EventArgs e)
{
DirectoryEntry group = new DirectoryEntry("LDAP://CN=MyDomain"); //
represents your group you wish to look at

using (group)
{
DirectorySearcher ds = new DirectorySearcher(
group,
"(&(objectClass=user)(objectCategory=person))", //only
retrieve user objects
new string[]{"sAMAccountName"}
);

//the part the you really need to do is next two lines
ds.SearchScope = SearchScope.Base;
ds.AttributeScopeQuery = "member";

using (SearchResultCollection src = ds.FindAll())
{
foreach (SearchResult sr in src)
sr.Properties["sAMAccountName"][0].ToString();
}
}

}
}

That's because the current user running this code is not a domain user, and as such has
no
access permissions to the AD.
To solve this issue, either run this code as a domain user or specify explicitly
credentials
in your DirectoryEntry constructor.

Willy.- Hide quoted text -

- Show quoted text -

I am the domain admin, does it try and run it under another process?

Must be something wrong with the LDAP path then, if this: new
DirectoryEntry("LDAP://CN=MyDomain"); //
is your ldap path, then it is wrong.
The DirectoryEntry constructor should look something like this:

DirectoryEntry("LDAP://xxxx/cn=..., cn=.., dc=..., dc=...");
where xxx is or the domain name or the DC name or RootDSE or GC.
Please search MSDN "Binding to Active Directory Domain Services", for details about when and
where you should use one of them.

Willy.