尝试创建新的 Active Directory 用户时,Invoke(“SetPassword",pwd) 抛

Trying to create a new Active Directory user, Invoke(quot;SetPasswordquot;,pwd) throws quot;The RPC server is unavailablequot;(尝试创建新的 Active Directory 用户时,Invoke(“SetPassword,pwd) 抛出“RPC 服务器不可用) - IT屋-程序员软件开发技术
本文介绍了尝试创建新的 Active Directory 用户时,Invoke(“SetPassword",pwd) 抛出“RPC 服务器不可用"的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着跟版网的小编来一起学习吧!

问题描述

我正在尝试使用 .NET System.DirectoryServices 命名空间在我的开发活动目录服务器上创建一个新用户.

I'm trying to create a new user on my development active directory server using .NET System.DirectoryServices namespace.

我尝试使用以下代码:

DirectoryEntry dirEntry = new DirectoryEntry(path, "TESTDOM\Administrator", "2109password", AuthenticationTypes.Secure | AuthenticationTypes.ServerBind);

object o = dirEntry.NativeObject;
DirectoryEntry newUser = dirEntry.Children.Add("CN=NewUser4", "user");
newUser.Properties["samAccountName"].Value = "NewUser4";
newUser.Properties["Description"].Add("User Description");

newUser.Invoke("SetPassword",  new object[] {"2109password"} );
newUser.CommitChanges();

我也尝试使用

newUser.CommitChanges();

在我调用 Invoke 设置密码之前.我总是得到一个 TargetInvocationException 包装:

before I call the Invoke to set the password. I always get a TargetInvocationException wrapping:

InnerException {"The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)"} System.Exception {System.Runtime.InteropServices.COMException}

只有在我调用时才会抛出异常

The exception is always only thrown when I call

newUser.Invoke("SetPassword",  new object[] {"2109password"} );

如果我在尝试使用 SetPassword 调用 Invoke 之前调用 newUser.CommitChanges(),则会在域上创建新用户.然后我可以手动转到 AD 机器并设置相同的密码,没有问题(因此密码字符串违反规则不是问题).我注意到网上有很多关于这个的帖子,但没有找到解决方案.

If I call newUser.CommitChanges() before I try to call Invoke with SetPassword, the new user is created on the domain. I can then go manually to the AD machine and set the same password with no problems (so it's not a problem with the password string being against the rules). I've notice many post online about this but found no solution.

我认为这可能与运行代码的机器不是域中的成员这一事实有关.尽管用户 TESTDOMAdministrator 是 TESTDOM 域上的管理员、域管理员、架构管理员和企业管理员组的成员.

I think it might have something to do with the fact that the machine running the code is not a member in the domain. Although the user TESTDOMAdministrator is a member of the: administrators, domain admins, schema admin and enterprise admins groups on the TESTDOM domain.

请注意,我无法使用 System.DirectoryServices.AccountManagement 命名空间,因为我正在使用 .NET 2关于我能做些什么来解决这个问题的任何想法?我绝望了

Notice that I can't use System.DirectoryServices.AccountManagement namespace as I'm working with .NET 2 Any ideas on what can I do to solve this? I am desperate

推荐答案

好的,我搞定了:

 dirEntry = new DirectoryEntry(ldapPath, domainAdminUser, domainAdminPassword);
    dirEntry.Invoke("SetPassword", new object[] { newPassword });
    dirEntry.Properties["LockOutTime"].Value = 0; //unlock account

ldapPath 应该包含我们尝试更改的用户的完整 DN,因此它应该类似于:

ldapPath should include the full DN of the user we're trying to change , so it should look something like:

string ldapPath = "LDAP://ad.domain.com:389/CN=username,OU=Users,DC=ad,DC=domain,DC=com"

这篇关于尝试创建新的 Active Directory 用户时,Invoke(“SetPassword",pwd) 抛出“RPC 服务器不可用"的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持跟版网!

本站部分内容来源互联网,如果有图片或者内容侵犯您的权益请联系我们删除!

相关文档推荐

Finding Active Directory users from 2 OU(从 2 个 OU 中查找 Active Directory 用户)
How to set a binary attribute when using a AccountManagement Extension Class?(使用 AccountManagement 扩展类时如何设置二进制属性?)
How to check AD user credentials when the user password is expired or quot;user must change password at next logonquot;(如何在用户密码过期或“用户下次登录时必须更改密码时检查 AD 用户凭据)
Getting last Logon Time on Computers in Active Directory(在 Active Directory 中的计算机上获取上次登录时间)
customer-configurable asp.net web site security for fine-grained control of page and button access(客户可配置的 asp.net 网站安全性,用于对页面和按钮访问进行细粒度控制)
Active Directory - Roles of a user(Active Directory - 用户的角色)