1 reply to this topic

[mikensu]

I can list groups to which the user belongs and create new users. I am having touble add the new member to the any group. I am gettin nothing printed in tb2.Text for an exception.

private void button1_Click(object sender, System.EventArgs e)

{

   //*************THIS NOT WORKING***************************

    AddToGroup("CN=Alisha Brown,OU=Burbank,OU=California,DC=andrewsinternational,DC=com","cn=sharepoint_users");

  //*************THIS NOT WORKING***************************

   



    string strUserADsPath = "LDAP://CN=Kevin Coughenour,OU=Centreville,DC=andrewsinternational,DC=com";

  

    DirectoryEntry oUser;

    oUser = new DirectoryEntry(strUserADsPath);

    listBox1.Items.Add("Groups to which belongs: Kevin "+ oUser);

    // Invoke IADsUser::Groups method.

    object groups = oUser.Invoke("Groups");

    foreach ( object group in (IEnumerable)groups)   

    {

        // Get the Directory Entry.

        DirectoryEntry groupEntry  = new DirectoryEntry(group);

        listBox1.Items.Add(groupEntry.Name); 

    }

}


public void CreateUserAccount(string ldapPath, string userName, 

    string userPassword)

{

    try

    {

        string oGUID = string.Empty;

        string connectionPrefix = "LDAP://" + ldapPath;

        DirectoryEntry dirEntry = new DirectoryEntry(connectionPrefix);

        DirectoryEntry newUser = dirEntry.Children.Add

            ("CN=" + userName, "user");

        newUser.Properties["samAccountName"].Value = userName;

        newUser.CommitChanges();

        oGUID = newUser.Guid.ToString();


   


        newUser.Invoke("SetPassword", new object[] { userPassword });

        newUser.CommitChanges();

        dirEntry.Close();

        newUser.Close();

    }

    catch (System.DirectoryServices.DirectoryServicesCOMException E)

    {

        //DoSomethingwith --> E.Message.ToString();


    }

    

}


public void AddToGroup(string userDn, string groupDn)

{

    try

 {

        DirectoryEntry dirEntry = new DirectoryEntry("LDAP://DC=andrewsinternational,DC=com,cn=Sharepoint," + groupDn);

        dirEntry.Properties["member"].Add(userDn);

        dirEntry.CommitChanges();

        dirEntry.Close();

    }

    catch (System.DirectoryServices.DirectoryServicesCOMException E)

    {

        tb2.Text= E.Message.ToString();


    }

}

}

[kernelcoder]

The problem in your code that (while you are adding user to a group), you are just specifying name for user & group. But you need to specify the full domain name (actually the path) for both user & group.

I don't have a server (as well as privilege), I tried to add an user on the local machine domain. So yes, I'm able to add an user to a specific group.

First I added an user with the following code.

DirectoryEntry localMachine = new DirectoryEntry("WinNT://" + Environment.MachineName);
DirectoryEntry newUser = localMachine.Children.Add("sujon", "user"); // The user name is 'sujon'.
newUser.Invoke("SetPassword", new object[] { "3l!teP@$$w0RDz" }); // setting the password
newUser.CommitChanges();
localMachine.Close();
newUser.Close();

Then I added that user to the group administrator using the following code...

DirectoryEntry localMachine = new DirectoryEntry("WinNT://" + Environment.MachineName);
DirectoryEntry user = localMachine.Children.Find("sujon", "user"); // Finding the user
DirectoryEntry localComputer = new DirectoryEntry("WinNT://" + Environment.MachineName + ",Computer");
DirectoryEntry adminGroup = localComputer.Children.Find("administrators", "group"); // finding the group
adminGroup.Invoke("Add", new object[] { user.Path }); // add the user to the group
adminGroup.CommitChanges();
localMachine.Close();
user.Close();
localComputer.Close();
adminGroup.Close();