
Error creating a user with more than 20 chars in sAMAccountName using .NET

I'm trying to programmatically create a new Active Directory user setting the sAMAccountName attribute with a value larger than 20 chars.

When I call the DirectoryEntry.CommitChanges(), I get the error:

00000523: SysErr: DSID-031A0FB6, problem 22 (Invalid argument), data 0

If I try to create a new user setting the sAMAccountName smaller than 20 chars, everything works.

Before someone says that the limit of the sAMAccountName is 20 chars, I want to point out that if I try to create the same user having the sAMAccountName more than 20 chars using the Windows tool "Active Directory Users and Computers", everything works. I can see the new entry in AD using the LDP tool and the entry has the sAMAccountName with more than 20 chars.

Why can't I create the user programmatically using .NET?

Below is the code I'm using:

Using objDirEnt As DirectoryEntry = New DirectoryEntry("LDAP://my.domain.com/cn=Users,dc=my,dc=domain,dc=com", "username", "Password", AuthenticationTypes.Secure Or AuthenticationTypes.Sealing)
    Using usuario As DirectoryEntry = objDirEnt.Children.Add("CN=aaaaaa bbbbbbbbbb ccccccccc (aaaaaa.bbbbbb.ccccccccc)", "user")
        usuario.Properties("sAMAccountName").Value = "aaaaaa.bbbbbb.ccccccccc"
        usuario.Properties("userAccountControl").Value = AdsUserFlags.PasswordNotRequired
        usuario.Properties("name").Value = "aaaaaa bbbbbbbbbb ccccccccc"
        usuario.Properties("givenName").Value = "aaaaaa"
        usuario.Properties("sn").Value = "bbbbbbbbbb ccccccccc"
        usuario.CommitChanges()
    End Using
End Using

Carlos Bomtempo asked Jan 27 '12 16:01


1 Answer

The default restriction for this field is less than 20 chars according to this article: http://msdn.microsoft.com/en-us/library/ms679635.aspx I've not tried to create a user with a 20-char sAMAccountName, but maybe it's possible with the Novell LDAP Library. I had to use it because we needed to support other LDAP services too. http://www.novell.com/coolsolutions/feature/11204.html

I also found these posts: https://serverfault.com/questions/344815/how-to-add-a-user-in-active-directory-with-name-longer-than-20-characters

stylefish answered Oct 14 '22 23:10