VB.Net program to disable AD accounts

  • Thread starter Thread starter Evers_mark
  • Start date Start date
E

Evers_mark

Guest
So I am attempt to create a VB.net program. Part of the program will need to connect into AD and disable AD accounts. However I seem to be getting an error when I attempt commit the changes I get error.

System.DirectoryServices.DirectoryServicesCOMException (0x80072014): The requested operation did not satisfy one or more constraints associated with the class of the object.

The same program is able to search AD based on a couple of attributes and pull back info on those accounts, so the AD connection is working. The account that I am running the program as full rights to the Test AD accounts that I am attempting to disable. Below is the code that I am attempting to use to disable the accounts.

Imports System
Imports System.IO
Imports System.Collections
Imports System.DirectoryServices
Public Class Form1

Public strUserList() As String
Public strDomainVerifiedList() As String
Public strVerifiedUserList() As String
Public objADConnection As Object
Public ADEntry As New DirectoryEntry("LDAP://DC=domain,DC=com")
Public ADSearch As New DirectorySearcher(ADEntry)




Private Sub Select_File_Button_Click(sender As Object, e As EventArgs) Handles Select_File_Button.Click
Dim myStream As Stream = Nothing
Dim openFileDialog1 As New OpenFileDialog()

openFileDialog1.InitialDirectory = "c:\"
openFileDialog1.Filter = "txt files (*.txt)|*.txt|All files (*.*)|*.*"
openFileDialog1.FilterIndex = 2
openFileDialog1.RestoreDirectory = True

If openFileDialog1.ShowDialog() = System.Windows.Forms.DialogResult.OK Then
strUserList = IO.File.ReadAllLines(openFileDialog1.FileName)
For Each strUser In strUserList
Users_import_lb.Items.Add(strUser)
DisableUsers_LB.Items.Add(strUser)
Next
End If
End Sub

Private Sub VerifyUsers_button_Click(sender As Object, e As EventArgs) Handles VerifyUsers_button.Click
ADSearch.CacheResults = False
ADSearch.PropertiesToLoad.Add("sAMAccountName")
ADSearch.PropertiesToLoad.Add("mail")
ADSearch.PropertiesToLoad.Add("employeeID")

For Each strUser As String In strUserList
If Username_RB.Checked Then
ADSearch.Filter = "(&(objectCategory=Person)(objectCategory=user)(sAMAccountName=" & strUser & "))"
ElseIf Email_RB.Checked Then
ADSearch.Filter = "(&(objectCategory=Person)(objectCategory=user)(mail=" & strUser & "))"
ElseIf EmployeeID_RB.Checked Then
ADSearch.Filter = "(&(objectCategory=Person)(objectCategory=user)(employeeID=" & strUser & "))"
End If

Dim results As SearchResultCollection = ADSearch.FindAll()
Dim result As SearchResult
If results.Count = 1 Then 'Was > 0
'InitPanel2()
For Each result In results
If result.Properties.Contains("sAMAccountName") Then Users_verify_lb.Items.Add(result.Properties("sAMAccountName")(0))
If result.Properties.Contains("employeeID") Then Users_verify_lb.Items.Add(result.Properties("employeeID")(0))
If result.Properties.Contains("mail") Then Users_verify_lb.Items.Add(result.Properties("mail")(0))
Next
End If

Next

End Sub

Private Sub DisableUsers_button_Click(sender As Object, e As EventArgs) Handles DisableUsers_button.Click

For Each strUser As String In strUserList
If Username_Disable_RB.Checked Then
ADSearch.Filter = "(&(objectCategory=Person)(objectCategory=user)(sAMAccountName=" & strUser & "))"
ElseIf Email_Disable_RB.Checked Then
ADSearch.Filter = "(&(objectCategory=Person)(objectCategory=user)(mail=" & strUser & "))"
ElseIf EmpID_Disable_RB.Checked Then
ADSearch.Filter = "(&(objectCategory=Person)(objectCategory=user)(employeeID=" & strUser & "))"
End If

ADSearch.SearchScope = SearchScope.Subtree
Dim results As SearchResult = ADSearch.FindOne()
If Not results Is Nothing Then
Dim iVal As Integer = ADEntry.Properties("userAccountControl").Value
ADEntry.Properties("userAccountControl").Value = iVal Or &H2
ADEntry.CommitChanges()
ADEntry.Close()
End If

Next
End Sub

End Class


It is failing on the part in bold. Any suggestions on what I am doing wrong?

Thank You

Mark Evers

Continue reading...
 
Back
Top