试图创造一个新的Active Directory用户，调用（＆QUOT; SetPassword＆QUOT;，PWD）抛出＆QUOT; RPC服务器不可用＆QUOT;

本文介绍了试图创造一个新的Active Directory用户，调用（＆QUOT; SetPassword＆QUOT;，PWD）抛出＆QUOT; RPC服务器不可用＆QUOT;的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

我试图创建一个使用.NET System.DirectoryServices命名空间我发展的Active Directory服务器上的新用户。

I'm trying to create a new user on my development active directory server using .NET System.DirectoryServices namespace.

我尝试使用下面的code：

I try using the following code:

DirectoryEntry dirEntry = new DirectoryEntry(path, "TESTDOM\\Administrator", "2109password", AuthenticationTypes.Secure | AuthenticationTypes.ServerBind);

object o = dirEntry.NativeObject;
DirectoryEntry newUser = dirEntry.Children.Add("CN=NewUser4", "user");
newUser.Properties["samAccountName"].Value = "NewUser4";
newUser.Properties["Description"].Add("User Description");

newUser.Invoke("SetPassword",  new object[] {"2109password"} );
newUser.CommitChanges();

我也尝试过使用犯

I also tried committing using

newUser.CommitChanges();

在我所说的调用来设置密码。我总是得到TargetInvocationException包装：

before I call the Invoke to set the password.I always get a TargetInvocationException wrapping:

InnerException {"The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)"} System.Exception {System.Runtime.InteropServices.COMException}

例外，当我打电话时永远只抛出

The exception is always only thrown when I call

newUser.Invoke("SetPassword",  new object[] {"2109password"} );

如果我叫newUser.CommitChanges（）之前，我尝试调用调用与SetPassword，新用户将在域中创建。那么我可以手动去的广告机，并设置相同的密码，没有任何问题（所以它不是与密码字符串是违反规则的问题）。我在网上看到很多帖子关于这一点，但没有发现任何解决方案。

If I call newUser.CommitChanges() before I try to call Invoke with SetPassword, the new user is created on the domain. I can then go manually to the AD machine and set the same password with no problems (so it's not a problem with the password string being against the rules).I've notice many post online about this but found no solution.

我想可能有一些做的事实，运行code中的机器不在域中的成员。虽然用户TESTDOM \ Administrator是的成员：管理员，域管理员，架构管理员和Enterprise Admins组的TESTDOM域

I think it might have something to do with the fact that the machine running the code is not a member in the domain. Although the user TESTDOM\Administrator is a member of the: administrators, domain admins, schema admin and enterprise admins groups on the TESTDOM domain.

请注意，我不能用System.DirectoryServices.AccountManagement命名空间我正与.NET 2对我有什么可以做的任何想法来解决这个？我不顾一切

Notice that I can't use System.DirectoryServices.AccountManagement namespace as I'm working with .NET 2Any ideas on what can I do to solve this? I am desperate

推荐答案

我猜你需要设置属性来之前先创建用户，我通常用

I guess you need to create the user first before setting properties to it, I usually do it by

/// <summary>
/// This Method will Create a new User Directory Object based on a Username and LDAP Domain
/// </summary>
/// <param name="sUserName">The Username of the New User</param>
/// <param name="sLDAPDomain">The LDAP Domain for the New User</param>
/// <returns></returns>
public DirectoryEntry CreateNewUser(string sUserName, string sLDAPDomain)
{
    //Set the LDAP qualification so that the user will be Created under the Users Container
    string LDAPDomain = "/CN=Users," + sLDAPDomain;
    oDE = new DirectoryEntry("LDAP://" + sADServer + "/" + sLDAPDomain, sADUser, sADPassword, AuthenticationTypes.Secure);

    oDEC = oDE.Children.Add("CN=" + sUserName, "user");
    oDE.Close();
    return oDEC;
}

然后设置，我需要的任何属性。

then set any properties I need

/// <summary>
/// This will Set the Property of the Directory Entry Object
/// </summary>
/// <param name="oDE">The Directory Object to Set to</param>
/// <param name="sPropertyName">The Property Name</param>
/// <param name="sPropertyValue">The Property Value</param>
public void SetProperty(DirectoryEntry oDE, string sPropertyName, string sPropertyValue)
{
    //Check if the Value is Valid
    if (sPropertyValue != string.Empty)
    {
        //Check if the Property Exists
        if (oDE.Properties.Contains(sPropertyName))
        {
            oDE.Properties[sPropertyName].Value = sPropertyValue;
            oDE.CommitChanges();
            oDE.Close();
        }
        else
        {
            oDE.Properties[sPropertyName].Add(sPropertyValue);
            oDE.CommitChanges();
            oDE.Close();
        }
    }
}

然后设置密码

then set the password

/// <summary>
/// This Method will set the Users Password based on Directory Entry Object
/// </summary>
/// <param name="oDE">The Directory Entry to Set the New Password</param>
/// <param name="sPassword">The New Password</param>
/// <param name="sMessage">Any Messages catched by the Exception</param>
public void SetUserPassword(DirectoryEntry oDE, string sPassword, out string sMessage)
{
    try
    {
        //Set The new Password
        oDE.Invoke("SetPassword", new Object[] { sPassword });
        sMessage = "";

        oDE.CommitChanges();
        oDE.Close();
    }
    catch (Exception ex)
    {
        sMessage = ex.InnerException.Message;
    }

}

最后启用该帐户

And finally enable the account

/// <summary>
/// This Method will Enable a User Account Based on the Directory Entry Object
/// </summary>
/// <param name="oDE">The Directoy Entry Object of the Account to Enable</param>
public void EnableUserAccount(DirectoryEntry oDE)
{
    oDE.Properties["userAccountControl"][0] = ADMethods.ADAccountOptions.UF_NORMAL_ACCOUNT;
    oDE.CommitChanges();
    oDE.Close();
}

对于全面落实，你可以去这里 - >的

这篇关于试图创造一个新的Active Directory用户，调用（＆QUOT; SetPassword＆QUOT;，PWD）抛出＆QUOT; RPC服务器不可用＆QUOT;的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！