E
Evers_mark
Guest
So I am attempt to create a VB.net program. Part of the program will need to connect into AD and disable AD accounts. However I seem to be getting an error when I attempt commit the changes I get error.
System.DirectoryServices.DirectoryServicesCOMException (0x80072014): The requested operation did not satisfy one or more constraints associated with the class of the object.
The same program is able to search AD based on a couple of attributes and pull back info on those accounts, so the AD connection is working. The account that I am running the program as full rights to the Test AD accounts that I am attempting to disable. Below is the code that I am attempting to use to disable the accounts.
Imports System
Imports System.IO
Imports System.Collections
Imports System.DirectoryServices
Public Class Form1
Public strUserList() As String
Public strDomainVerifiedList() As String
Public strVerifiedUserList() As String
Public objADConnection As Object
Public ADEntry As New DirectoryEntry("LDAP://DC=domain,DC=com")
Public ADSearch As New DirectorySearcher(ADEntry)
Private Sub Select_File_Button_Click(sender As Object, e As EventArgs) Handles Select_File_Button.Click
Dim myStream As Stream = Nothing
Dim openFileDialog1 As New OpenFileDialog()
openFileDialog1.InitialDirectory = "c:\"
openFileDialog1.Filter = "txt files (*.txt)|*.txt|All files (*.*)|*.*"
openFileDialog1.FilterIndex = 2
openFileDialog1.RestoreDirectory = True
If openFileDialog1.ShowDialog() = System.Windows.Forms.DialogResult.OK Then
strUserList = IO.File.ReadAllLines(openFileDialog1.FileName)
For Each strUser In strUserList
Users_import_lb.Items.Add(strUser)
DisableUsers_LB.Items.Add(strUser)
Next
End If
End Sub
Private Sub VerifyUsers_button_Click(sender As Object, e As EventArgs) Handles VerifyUsers_button.Click
ADSearch.CacheResults = False
ADSearch.PropertiesToLoad.Add("sAMAccountName")
ADSearch.PropertiesToLoad.Add("mail")
ADSearch.PropertiesToLoad.Add("employeeID")
For Each strUser As String In strUserList
If Username_RB.Checked Then
ADSearch.Filter = "(&(objectCategory=Person)(objectCategory=user)(sAMAccountName=" & strUser & "))"
ElseIf Email_RB.Checked Then
ADSearch.Filter = "(&(objectCategory=Person)(objectCategory=user)(mail=" & strUser & "))"
ElseIf EmployeeID_RB.Checked Then
ADSearch.Filter = "(&(objectCategory=Person)(objectCategory=user)(employeeID=" & strUser & "))"
End If
Dim results As SearchResultCollection = ADSearch.FindAll()
Dim result As SearchResult
If results.Count = 1 Then 'Was > 0
'InitPanel2()
For Each result In results
If result.Properties.Contains("sAMAccountName") Then Users_verify_lb.Items.Add(result.Properties("sAMAccountName")(0))
If result.Properties.Contains("employeeID") Then Users_verify_lb.Items.Add(result.Properties("employeeID")(0))
If result.Properties.Contains("mail") Then Users_verify_lb.Items.Add(result.Properties("mail")(0))
Next
End If
Next
End Sub
Private Sub DisableUsers_button_Click(sender As Object, e As EventArgs) Handles DisableUsers_button.Click
For Each strUser As String In strUserList
If Username_Disable_RB.Checked Then
ADSearch.Filter = "(&(objectCategory=Person)(objectCategory=user)(sAMAccountName=" & strUser & "))"
ElseIf Email_Disable_RB.Checked Then
ADSearch.Filter = "(&(objectCategory=Person)(objectCategory=user)(mail=" & strUser & "))"
ElseIf EmpID_Disable_RB.Checked Then
ADSearch.Filter = "(&(objectCategory=Person)(objectCategory=user)(employeeID=" & strUser & "))"
End If
ADSearch.SearchScope = SearchScope.Subtree
Dim results As SearchResult = ADSearch.FindOne()
If Not results Is Nothing Then
Dim iVal As Integer = ADEntry.Properties("userAccountControl").Value
ADEntry.Properties("userAccountControl").Value = iVal Or &H2
ADEntry.CommitChanges()
ADEntry.Close()
End If
Next
End Sub
End Class
It is failing on the part in bold. Any suggestions on what I am doing wrong?
Thank You
Mark Evers
Continue reading...
System.DirectoryServices.DirectoryServicesCOMException (0x80072014): The requested operation did not satisfy one or more constraints associated with the class of the object.
The same program is able to search AD based on a couple of attributes and pull back info on those accounts, so the AD connection is working. The account that I am running the program as full rights to the Test AD accounts that I am attempting to disable. Below is the code that I am attempting to use to disable the accounts.
Imports System
Imports System.IO
Imports System.Collections
Imports System.DirectoryServices
Public Class Form1
Public strUserList() As String
Public strDomainVerifiedList() As String
Public strVerifiedUserList() As String
Public objADConnection As Object
Public ADEntry As New DirectoryEntry("LDAP://DC=domain,DC=com")
Public ADSearch As New DirectorySearcher(ADEntry)
Private Sub Select_File_Button_Click(sender As Object, e As EventArgs) Handles Select_File_Button.Click
Dim myStream As Stream = Nothing
Dim openFileDialog1 As New OpenFileDialog()
openFileDialog1.InitialDirectory = "c:\"
openFileDialog1.Filter = "txt files (*.txt)|*.txt|All files (*.*)|*.*"
openFileDialog1.FilterIndex = 2
openFileDialog1.RestoreDirectory = True
If openFileDialog1.ShowDialog() = System.Windows.Forms.DialogResult.OK Then
strUserList = IO.File.ReadAllLines(openFileDialog1.FileName)
For Each strUser In strUserList
Users_import_lb.Items.Add(strUser)
DisableUsers_LB.Items.Add(strUser)
Next
End If
End Sub
Private Sub VerifyUsers_button_Click(sender As Object, e As EventArgs) Handles VerifyUsers_button.Click
ADSearch.CacheResults = False
ADSearch.PropertiesToLoad.Add("sAMAccountName")
ADSearch.PropertiesToLoad.Add("mail")
ADSearch.PropertiesToLoad.Add("employeeID")
For Each strUser As String In strUserList
If Username_RB.Checked Then
ADSearch.Filter = "(&(objectCategory=Person)(objectCategory=user)(sAMAccountName=" & strUser & "))"
ElseIf Email_RB.Checked Then
ADSearch.Filter = "(&(objectCategory=Person)(objectCategory=user)(mail=" & strUser & "))"
ElseIf EmployeeID_RB.Checked Then
ADSearch.Filter = "(&(objectCategory=Person)(objectCategory=user)(employeeID=" & strUser & "))"
End If
Dim results As SearchResultCollection = ADSearch.FindAll()
Dim result As SearchResult
If results.Count = 1 Then 'Was > 0
'InitPanel2()
For Each result In results
If result.Properties.Contains("sAMAccountName") Then Users_verify_lb.Items.Add(result.Properties("sAMAccountName")(0))
If result.Properties.Contains("employeeID") Then Users_verify_lb.Items.Add(result.Properties("employeeID")(0))
If result.Properties.Contains("mail") Then Users_verify_lb.Items.Add(result.Properties("mail")(0))
Next
End If
Next
End Sub
Private Sub DisableUsers_button_Click(sender As Object, e As EventArgs) Handles DisableUsers_button.Click
For Each strUser As String In strUserList
If Username_Disable_RB.Checked Then
ADSearch.Filter = "(&(objectCategory=Person)(objectCategory=user)(sAMAccountName=" & strUser & "))"
ElseIf Email_Disable_RB.Checked Then
ADSearch.Filter = "(&(objectCategory=Person)(objectCategory=user)(mail=" & strUser & "))"
ElseIf EmpID_Disable_RB.Checked Then
ADSearch.Filter = "(&(objectCategory=Person)(objectCategory=user)(employeeID=" & strUser & "))"
End If
ADSearch.SearchScope = SearchScope.Subtree
Dim results As SearchResult = ADSearch.FindOne()
If Not results Is Nothing Then
Dim iVal As Integer = ADEntry.Properties("userAccountControl").Value
ADEntry.Properties("userAccountControl").Value = iVal Or &H2
ADEntry.CommitChanges()
ADEntry.Close()
End If
Next
End Sub
End Class
It is failing on the part in bold. Any suggestions on what I am doing wrong?
Thank You
Mark Evers
Continue reading...
