Problem in creating windows user using adsi

Status
Not open for further replies.

pratibha14

Technical User
Mar 2, 2004
hi,

From a Windows Forms application I can create a new user on the local machine without a problem. But when I try to create a new user in a web application, there is an error: "System.UnauthorizedAccessException: General access denied error at System.DirectoryServices.Interop.IAds.SetInfo() at System.DirectoryServices.DirectoryEntry.CommitChanges()"

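The code is:

using System.DirectoryServices;

// bind to the local machine's account database through the WinNT provider
DirectoryEntry de = new DirectoryEntry("WinNT://" + Environment.MachineName + ",computer");
DirectoryEntry newUser = de.Children.Add("TestUser1", "User");
// set the account password; the Password property only holds the bind credential
newUser.Invoke("SetPassword", new object[] { pwd });
newUser.CommitChanges();
// add the new account to the local Guests group
DirectoryEntry grp = de.Children.Find("Guests", "group");
if (grp.Name != "")
{
    grp.Invoke("Add", (object)newUser.Path.ToString());
}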

Any Suggestions?
Thanks
Pratibha
 
You should try impersonating a user with the relevant permissions to do this. Below is some sample code you could use:

' requires Imports System.DirectoryServices at the top of the file
Private Function createNTUserWithAD(ByRef domainName As String, ByRef userName As String) As Long

    Dim myDirEntry As DirectoryEntry
    Dim impersonationContext As System.Security.Principal.WindowsImpersonationContext
    Dim currentWindowsIdentity As System.Security.Principal.WindowsIdentity

    ' impersonate the Windows identity of the authenticated caller
    currentWindowsIdentity = CType(User.Identity, System.Security.Principal.WindowsIdentity)
    impersonationContext = currentWindowsIdentity.Impersonate()

    Try
        ' trying to connect
        myDirEntry = New DirectoryEntry()
        myDirEntry.Path = "WinNT://" & domainName
        myDirEntry.AuthenticationType = AuthenticationTypes.Secure

        ' creating the user
        myDirEntry.Children.Add(userName, "User")
        myDirEntry.CommitChanges()
        Return 0
    Catch myException As System.UnauthorizedAccessException
        Response.Write(myException.ToString())
        Return -1
    Finally
        ' always revert the impersonation, including on the Return paths
        impersonationContext.Undo()
    End Try
End Function


 
Thanks, but the above code also returns an error at CommitChanges():

[NotImplementedException: Not implemented]
System.DirectoryServices.Interop.IAds.SetInfo() +0
System.DirectoryServices.DirectoryEntry.CommitChanges() +182
Default_aspx.Page_Load(Object sender, EventArgs e) in E:\Pratibha\Websites\WebSite1\Default.aspx.vb:22
System.Web.UI.Control.OnLoad(EventArgs e) +87
System.Web.UI.Control.LoadRecursive() +55
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +2836

Any idea?
Thanks
 
Try replacing the following line

myDirEntry.Path = "WinNT://" & domainName

With an LDAP connection

myDirEntry.Path = "LDAP://" & domainName

and put in the name of the server as formatted for the LDAP query:

createNTUserWithAD("dc=exchangesvr, dc=microsoft, dc=com", "testuserxyz")

and that should work; it did for me.

Hope that helps
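
An added example, not code from any poster in this thread: the access-denied error in the first post is what CommitChanges() raises when the identity executing the web request has no right to create local accounts. The C# below impersonates the caller as the first reply suggests, reports which identity is actually in effect before touching the account database, and always reverts the impersonation. It assumes .NET Framework with Windows authentication, treats membership in the local Administrators group as the required right, and uses hypothetical names (LocalUserProvisioner, CreateLocalUser).

```csharp
using System;
using System.DirectoryServices;
using System.Security.Principal;

// Added example; class and method names are hypothetical. .NET Framework only.
public static class LocalUserProvisioner
{
    // Creates a local account and adds it to a local group while running as `caller`,
    // for example (WindowsIdentity)User.Identity in a page using Windows authentication.
    public static void CreateLocalUser(WindowsIdentity caller, string userName,
                                       string password, string groupName)
    {
        using (caller.Impersonate())
        {
            // While impersonating, GetCurrent() returns the thread's token, not the worker process's.
            using (WindowsIdentity effective = WindowsIdentity.GetCurrent())
            {
                // Assumption: local Administrators membership is what account creation needs.
                if (!new WindowsPrincipal(effective).IsInRole(WindowsBuiltInRole.Administrator))
                    throw new UnauthorizedAccessException(
                        effective.Name + " may not create local accounts");
            }

            using (DirectoryEntry machine = new DirectoryEntry(
                       "WinNT://" + Environment.MachineName + ",computer"))
            using (DirectoryEntry user = machine.Children.Add(userName, "User"))
            {
                user.Invoke("SetPassword", new object[] { password });
                user.CommitChanges();   // commit the new child entry, not its parent

                using (DirectoryEntry grp = machine.Children.Find(groupName, "group"))
                {
                    grp.Invoke("Add", new object[] { user.Path });
                }
            }
        } // disposing the impersonation context reverts to the original identity, even on exceptions
    }
}
```

Logging the name carried in the thrown exception shows whether the request ran as the worker process account or as the intended user, which is the first thing to check when the same code works from a desktop application but not from a web application.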
 