Click here to Skip to main content
16,020,633 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
I am create user help of "https://www.codeproject.com/Articles/18102/Howto-Almost-Everything-In-Active-Directory-via-C" this article . but when i create new account this error msg will display

System.UnauthorizedAccessException: Access is denied.

at System.DirectoryServices.Interop.UnsafeNativeMethods.IAds.SetInfo()
at System.DirectoryServices.DirectoryEntry.CommitChanges()
at Service.CreateAdAccount(String sUserName, String sPassword) in c:\inetpub\wwwroot\ADAuthentication\App_Code\Service.cs:line 121



how to resolve this errror. please help mee.

What I have tried:

Howto: (Almost) Everything In Active Directory via C#[^]
Posted
Updated 28-Dec-16 19:56pm

1 solution

To interact with Active Directory, you (the user runs the code) have to have the proper right. Not anyone, for instance, can create a new user in Active Directory...
You web service runs under credentials with insufficient right, so you get the error...
 
Share this answer
 
Comments
Member 11876124 28-Dec-16 4:48am    
how to provide right, please guide me
Kornfeld Eliyahu Peter 28-Dec-16 5:08am    
You can not provide right from code!!! You have to have a user with the right assigned by the system manager...
Member 11876124 28-Dec-16 5:28am    
Hi,
if i am provide full right a user like (ABC), how i authenticate this user via using asp .net code, he(abc) is create new user in active directory.
Kornfeld Eliyahu Peter 28-Dec-16 5:31am    
If you have credentials with the proper right, than you can impersonate it from your code...
However that involves some native API (WIN32)...
There is a nice sample here: https://platinumdogs.me/2008/10/30/net-c-impersonation-with-network-credentials/
Member 11876124 29-Dec-16 1:58am    
hi,

when i try blew code

public string CreateUserAccount(string ldapPath, string userName,
string userPassword)
{
try
{
string oGUID = string.Empty;
string connectionPrefix = "LDAP://" + ldapPath;
DirectoryEntry dirEntry = new DirectoryEntry(connectionPrefix);
DirectoryEntry newUser = dirEntry.Children.Add
("CN=" + userName, "user");
newUser.Properties["samAccountName"].Value = userName;
newUser.CommitChanges();
oGUID = newUser.Guid.ToString();

newUser.Invoke("SetPassword", new object[] { userPassword });
newUser.CommitChanges();
dirEntry.Close();
newUser.Close();
}
catch (System.DirectoryServices.DirectoryServicesCOMException E)
{
//DoSomethingwith --> E.Message.ToString();

}
return oGUID;
}

i have facing issue in below line of code:-
newUser.Properties["samAccountName"].Value = userName;

this line giving compile time error("
Error 2 Non-invocable member 'System.DirectoryServices.DirectoryEntry.Properties' cannot be used like a method")

how to resolve this. please help me

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900