Adding user from trusted domain to local domain group using ldap

EDN Admin · Nov 22, 2012

Hi folks,
I have a vb app that wants to :
1. take a user name
2. validate it against a trusted domain and return the directoryentry
3. Check if the user is already in the local domain group
4. add it to the group if not.

All works apart from 4
My code is below, tracing through it, it fails on the add, an important point is that if I use this code on a local domain user it works fine, it is something to do with the fact that the user is from a trusted domain (I think)
Anyway, Im really stuck so would appreciate any help
<span style="font-family:Consolas; color:blue; font-size:9.5pt Public<span style="font-family:Consolas; font-size:9.5pt
<span style="color:blue Sub AddUserToGroup(<span style="color:blue ByVal de
<span style="color:blue As <span style="color:#2b91af DirectoryEntry, _
<span style="font-family:Consolas; color:blue; font-size:9.5pt ByVal<span style="font-family:Consolas; font-size:9.5pt deUser
<span style="color:blue As <span style="color:#2b91af DirectoryEntry,
<span style="color:blue ByVal GroupName <span style="color:blue As
<span style="color:blue String)
<span style="font-family:Consolas; font-size:9.5pt
<span style="color:blue Try
<span style="font-family:Consolas; font-size:9.5pt
<span style="color:blue Dim deSearch <span style="color:blue As <span style="color:#2b91af
DirectorySearcher = <span style="color:blue New <span style="color:#2b91af
DirectorySearcher()
<span style="font-family:Consolas; font-size:9.5pt deSearch.SearchRoot = de
<span style="font-family:Consolas; font-size:9.5pt deSearch.Filter =
<span style="color:#a31515 "(&(objectClass=group) (cn=" & GroupName &
<span style="color:#a31515 "))"
<span style="font-family:Consolas; font-size:9.5pt
<span style="color:blue Dim results <span style="color:blue As <span style="color:#2b91af
SearchResultCollection = deSearch.FindAll()
<span style="font-family:Consolas; font-size:9.5pt
<span style="color:blue Dim isGroupMember <span style="color:blue As
<span style="color:blue Boolean = <span style="color:blue False
<span style="font-family:Consolas; font-size:9.5pt
<span style="color:blue If results.Count > 0 <span style="color:blue
Then
<span style="font-family:Consolas; font-size:9.5pt
<span style="color:blue Dim group <span style="color:blue As <span style="color:blue
New <span style="color:#2b91af DirectoryEntry(results(0).Path)
<span style="font-family:Consolas; font-size:9.5pt group.Username = domainadmin
<span style="font-family:Consolas; font-size:9.5pt group.Password = domainpassword
<span style="font-family:Consolas; font-size:9.5pt
<span style="color:blue Dim members <span style="color:blue As <span style="color:blue
Object = group.Invoke(<span style="color:#a31515 "Members", <span style="color:blue
Nothing)
<span style="font-family:Consolas; font-size:9.5pt
<span style="color:blue For <span style="color:blue Each member <span style="color:blue
As <span style="color:blue Object <span style="color:blue In
<span style="color:blue CType(members, <span style="color:#2b91af IEnumerable)
<span style="font-family:Consolas; font-size:9.5pt
<span style="color:blue Dim x <span style="color:blue As <span style="color:#2b91af
DirectoryEntry = <span style="color:blue New <span style="color:#2b91af
DirectoryEntry(member)
<span style="font-family:Consolas; font-size:9.5pt
<span style="color:blue Dim name <span style="color:blue As <span style="color:blue
String = x.Name
<span style="font-family:Consolas; font-size:9.5pt
<span style="color:blue If name <> deUser.Name <span style="color:blue
Then
<span style="font-family:Consolas; font-size:9.5pt isGroupMember =
<span style="color:blue False
<span style="font-family:Consolas; font-size:9.5pt
<span style="color:blue Else
<span style="font-family:Consolas; font-size:9.5pt isGroupMember =
<span style="color:blue True
<span style="font-family:Consolas; font-size:9.5pt
<span style="color:blue Exit For
<span style="font-family:Consolas; font-size:9.5pt
<span style="color:blue End <span style="color:blue If
<span style="font-family:Consolas; font-size:9.5pt
<span style="color:blue Next member
<span style="font-family:Consolas; font-size:9.5pt
<span style="color:blue If (<span style="color:blue Not isGroupMember)
<span style="color:blue Then
<span style="font-family:Consolas; font-size:9.5pt group.Invoke(<span style="color:#a31515 "Add",
<span style="color:blue New <span style="color:blue Object() {deUser.Path.ToString()})
<span style="font-family:Consolas; font-size:9.5pt
<span style="color:blue End <span style="color:blue If
<span style="font-family:Consolas; font-size:9.5pt group.Close()
<span style="font-family:Consolas; font-size:9.5pt
<span style="color:blue End <span style="color:blue If
<span style="font-family:Consolas; font-size:9.5pt
<span style="color:blue Return
<span style="font-family:Consolas; font-size:9.5pt
<span style="color:blue Catch e <span style="color:blue As <span style="color:#2b91af
Exception
<span style="font-family:Consolas; font-size:9.5pt MsgBox(<span style="color:#a31515 "Error moving user to group " & e.Message)
<span style="font-family:Consolas; font-size:9.5pt
<span style="color:blue End <span style="color:blue Try

<span style="font-family:Consolas; font-size:9.5pt <span style="color:blue
End <span style="color:blue Sub

View the full article

Adding user from trusted domain to local domain group using ldap

EDN Admin

Well-known member

Similar threads