C# Active Directory Programming


#1
booter

Hello All,

I am trying to create a little C# program that will read in a list of
users and remove them from a particular group. I can read in the
users just fine and my code will run to the point where it appears
that the user will be removed but when I try to commit the changes I
get an error and I was wondering if anyone here could help me out a
little bit.

-------------------ERROR----------------------
Exception caught:
System.DirectoryServices.DirectoryServicesCOMException (0x80072035): The server is unwilling to process the request.
   at System.DirectoryServices.DirectoryEntry.CommitChanges()
   at Active_Directory.remove_users_from_pq.RemoveUsersFromGroup(String groupName) in C:\Users\booter\Documents\Visual Studio 2010\Projects\Active Directory\Active Directory\Remove from pqgroups.cs:line 37
-------------------CODE----------------------
public void RemoveUsersFromGroup(String groupName)
{
    try
    {
        foreach (MyUser user in users)
        {
            DirectoryEntry dirEntry = new DirectoryEntry("LDAP://CN=" + user.get_username() + rest_of_DN);
            dirEntry.Properties["memberOf"].Remove(groupName);
            dirEntry.CommitChanges();
            dirEntry.Close();
        }
    }
    catch (Exception Ex)
    {
        //doSomething with E.Message.ToString();
        results_box.AppendText("Exception caught: \n\n" + Ex.ToString());
    }
}
--------------------END------------------

This code is being run as a domain admin and pretty much taken from
examples I see online.

Any help or advice would be greatly appreciated.


booter

#2
fayyazlodhi

How about calling SetPassword before committing changes? I remember having read somewhere that if the user doesn't have one, Windows policies could be a cause.

#3
fayyazlodhi

More specifically, the user should exist in the directory before you call SetPassword. If it has no password it won't be there. So create the user with the following flag:

userAccountControl PASSWD_NOTREQD. Then you may call SetPassword. The flag can be cleared by XORing it with userAccountControl.

#4
booter

Hey,

Thanks for the reply. Unfortunately on my DirectoryEntry object I cannot SetPassword. Also they are already in Active Directory and all of them already have a password. I just need to remove them from a group that they no longer need to be in.

Any other ideas or maybe a little more detail would help out greatly.

Thanks for your help.

booter
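
The code in post #1 writes to memberOf on the user object, but memberOf is a back-link that Active Directory computes from each group's member attribute, so membership is changed on the group. The C# below is an added example, not code from any poster in this thread: it removes each user's DN from the group's member attribute, escapes the user name before concatenating it into a DN, and commits per user so one failure does not stop the batch. GroupCleanup, EscapeRdnValue, the log callback and the sample paths in the comments are assumptions for illustration; groupPath is expected to be an LDAP:// ADsPath.

```csharp
using System;
using System.Collections.Generic;
using System.DirectoryServices;
using System.Text;

public static class GroupCleanup
{
    // Escape a CN value per RFC 4514 so a name containing ',' '+' '=' etc.
    // cannot alter the DN it is concatenated into.
    public static string EscapeRdnValue(string value)
    {
        var sb = new StringBuilder();
        for (int i = 0; i < value.Length; i++)
        {
            char c = value[i];
            bool atEdge = (i == 0 && (c == ' ' || c == '#')) ||
                          (i == value.Length - 1 && c == ' ');
            if (atEdge || ",+\"\\<>;=".IndexOf(c) >= 0) sb.Append('\\');
            sb.Append(c);
        }
        return sb.ToString();
    }

    // groupPath and restOfDn are caller-supplied placeholders, for example
    // "LDAP://CN=SomeGroup,OU=Groups,DC=example,DC=com" and ",OU=Staff,DC=example,DC=com".
    // Returns the DNs that were removed; each failure is passed to log.
    public static List<string> RemoveUsersFromGroup(
        string groupPath, IEnumerable<string> userNames, string restOfDn, Action<string> log)
    {
        var removed = new List<string>();
        foreach (string name in userNames)
        {
            string userDn = "CN=" + EscapeRdnValue(name) + restOfDn;
            // A fresh entry per user: a failed commit leaves no pending change behind.
            using (var group = new DirectoryEntry(groupPath))
            {
                try
                {
                    group.Properties["member"].Remove(userDn); // edit the group, not the user
                    group.CommitChanges();
                    removed.Add(userDn);
                }
                catch (DirectoryServicesCOMException ex)
                {
                    log("Not removed: " + userDn + " (" + ex.Message + ")");
                }
            }
        }
        return removed;
    }
}
```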



