M
microsoft
Hi People, when I try to modify an active directory user programatically, I
receive the following exception:
The server is unwilling to process the request
Reading the microsoft web site, I found this article:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;248717 that says the
following:
..........................
To Make Modifications Using ADSI Scripts
Active Directory Services Interfaces (ADSI) can make modifications to the
schema through its Lightweight Directory Access Protocol (LDAP) provider.
The code below determines the location of the schema, bind to the attribute
in the schema, and make the necessary changes to force it to replicate to
the GC.
Const ADS_PROPERTY_CLEAR = 1
' Declarations are commented for use with VBScript
Dim oRootDSE 'As IADs
Dim oConn 'As ADODB.Connection
Dim oRecordset 'As ADODB.Recordset
Dim strAttribute 'As String
Dim strADsPath 'As String
Dim oAttribute 'As IADs
Dim bReplicate 'As Boolean
strAttribute = "Department" 'Replace with the name of the attribute to
change replication
bReplicate = True 'Replicate to GC True/False
Set oConn = CreateObject("ADODB.Connection")
Set oRootDSE = GetObject("LDAP://RootDSE")
oConn.Provider = "ADsDSOObject"
oConn.Open "ADs Provider"
strQuery = "<LDAP://" & oRootDSE.Get("schemaNamingContext")
& ">;(&(objectClass=attributeSchema)(cn=" & strAttribute &
"));cn,adspath;subtree"
Set oRecordset = oConn.Execute(strQuery)
oRecordset.MoveFirst
strADsPath = oRecordset.Fields("ADsPath") 'store the path of the object in
the schema
Set oAttribute = GetObject(strADsPath) 'Get the object in the schema
If bReplicate Then
oAttribute.Put "isMemberOfPartialAttributeSet", True 'Set the property
to true
Else
oAttribute.PutEx ADS_PROPERTY_CLEAR, "isMemberOfPartialAttributeSet", 0
'Clear the property
End If
'Write to schema
oAttribute.SetInfo
'Clean Up
Set oAttribute = Nothing
Set oRootDSE = Nothing
oRecordset.Close
oConn.Close
Set oConn = Nothing
Set oRecordset = Nothing
If the above registry change is not made, the following error occurs
when attempting to run the script:
Error -2147016651 (80072035): Automation error. The server is unwilling to
process the request.
.........................
My code is the following:
public DataSet modifyUser(ContenedorUsuario v_objContenedorUsuario) {
string strFullName = v_objContenedorUsuario.obtenerNombre() +" "+
v_objContenedorUsuario.obtenerPrimerApellido() +" "+
v_objContenedorUsuario.obtenerSegundoApellido();
DirectoryEntry objNewUser = null;
try
{
/* get the current user */
objNewUser = getDirectoryEntry(v_objContenedorUsuario.getUniqueId());
}
catch(Exception e)
{
throw new Exception("Usuario no Existe y no se puede modificar");
}
if (objNuevoUsuario == null)
{
throw new Exception("Usuario no Existe y no se puede modificar");
}
try
{
#region invoke Properties
/* si no se setea esta propiedad, provoca una exception de: The server is
unwilling to process the request,
* para mas detalles ver:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;248717 */
Boolean objBoolean = true;
objNuevoUsuario.Properties["isMemberOfPartialAttributeSet"].Value =
objBoolean;
/* seccion de atributos obligatorios de Active Directory */
invocarPropiedad(ref objNuevoUsuario,"name",strNombreCompleto);
invocarPropiedad(ref
objNuevoUsuario,"givenName",v_objContenedorUsuario.obtenerNombre());
invocarPropiedad(ref
objNuevoUsuario,"Description",v_objContenedorUsuario.obtenerDescripcion());
invocarPropiedad(ref
objNuevoUsuario,"samAccountName",v_objContenedorUsuario.obtenerLogin());
/* Seccion de atributos extendidos de Active Directory */
/* Para detalles ver:
http://www.microsoft.com/latam/technet/articulos/windows2k/chapt-20/ */
invocarPropiedad(ref
objNuevoUsuario,"extensionAttribute1",v_objContenedorUsuario.obtenerCedula()
);
invocarPropiedad(ref
objNuevoUsuario,"extensionAttribute2",v_objContenedorUsuario.obtenerCorreoEl
ectronico());
invocarPropiedad(ref
objNuevoUsuario,"extensionAttribute3",v_objContenedorUsuario.obtenerDepartam
ento());
invocarPropiedad(ref
objNuevoUsuario,"extensionAttribute4",v_objContenedorUsuario.obtenerEntidad(
));
invocarPropiedad(ref
objNuevoUsuario,"extensionAttribute5",v_objContenedorUsuario.obtenerJefeDire
cto());
invocarPropiedad(ref
objNuevoUsuario,"extensionAttribute6",v_objContenedorUsuario.obtenerNombre()
);
invocarPropiedad(ref
objNuevoUsuario,"extensionAttribute7",v_objContenedorUsuario.obtenerPrimerAp
ellido());
invocarPropiedad(ref
objNuevoUsuario,"extensionAttribute8",v_objContenedorUsuario.obtenerPuesto()
);
invocarPropiedad(ref
objNuevoUsuario,"extensionAttribute9",v_objContenedorUsuario.obtenerSegundoA
pellido());
invocarPropiedad(ref
objNuevoUsuario,"extensionAttribute10",v_objContenedorUsuario.obtenerTelefon
o());
/* solamente modifica el password si esta definido */
if(v_objContenedorUsuario.obtenerClave() != "" &&
v_objContenedorUsuario.obtenerClave() != null)
{
objNuevoUsuario.Invoke("SetPassword", new object[]
{v_objContenedorUsuario.obtenerClave() });
}
#endregion
/* Hace "Commit" de los cambios, para asegurar que se realicen en el Active
Directory */
objNuevoUsuario.CommitChanges();
/* se retorna el objeto correspondiente al nuevo usuario */
return convertirUsuarioADataSet(objNuevoUsuario);
}
catch(Exception e)
{
throw e;
}
}
I'm using a user with full rights to modify the active directory. Any idea
why the The server is unwilling to process the request exception???
receive the following exception:
The server is unwilling to process the request
Reading the microsoft web site, I found this article:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;248717 that says the
following:
..........................
To Make Modifications Using ADSI Scripts
Active Directory Services Interfaces (ADSI) can make modifications to the
schema through its Lightweight Directory Access Protocol (LDAP) provider.
The code below determines the location of the schema, bind to the attribute
in the schema, and make the necessary changes to force it to replicate to
the GC.
Const ADS_PROPERTY_CLEAR = 1
' Declarations are commented for use with VBScript
Dim oRootDSE 'As IADs
Dim oConn 'As ADODB.Connection
Dim oRecordset 'As ADODB.Recordset
Dim strAttribute 'As String
Dim strADsPath 'As String
Dim oAttribute 'As IADs
Dim bReplicate 'As Boolean
strAttribute = "Department" 'Replace with the name of the attribute to
change replication
bReplicate = True 'Replicate to GC True/False
Set oConn = CreateObject("ADODB.Connection")
Set oRootDSE = GetObject("LDAP://RootDSE")
oConn.Provider = "ADsDSOObject"
oConn.Open "ADs Provider"
strQuery = "<LDAP://" & oRootDSE.Get("schemaNamingContext")
& ">;(&(objectClass=attributeSchema)(cn=" & strAttribute &
"));cn,adspath;subtree"
Set oRecordset = oConn.Execute(strQuery)
oRecordset.MoveFirst
strADsPath = oRecordset.Fields("ADsPath") 'store the path of the object in
the schema
Set oAttribute = GetObject(strADsPath) 'Get the object in the schema
If bReplicate Then
oAttribute.Put "isMemberOfPartialAttributeSet", True 'Set the property
to true
Else
oAttribute.PutEx ADS_PROPERTY_CLEAR, "isMemberOfPartialAttributeSet", 0
'Clear the property
End If
'Write to schema
oAttribute.SetInfo
'Clean Up
Set oAttribute = Nothing
Set oRootDSE = Nothing
oRecordset.Close
oConn.Close
Set oConn = Nothing
Set oRecordset = Nothing
If the above registry change is not made, the following error occurs
when attempting to run the script:
Error -2147016651 (80072035): Automation error. The server is unwilling to
process the request.
.........................
My code is the following:
public DataSet modifyUser(ContenedorUsuario v_objContenedorUsuario) {
string strFullName = v_objContenedorUsuario.obtenerNombre() +" "+
v_objContenedorUsuario.obtenerPrimerApellido() +" "+
v_objContenedorUsuario.obtenerSegundoApellido();
DirectoryEntry objNewUser = null;
try
{
/* get the current user */
objNewUser = getDirectoryEntry(v_objContenedorUsuario.getUniqueId());
}
catch(Exception e)
{
throw new Exception("Usuario no Existe y no se puede modificar");
}
if (objNuevoUsuario == null)
{
throw new Exception("Usuario no Existe y no se puede modificar");
}
try
{
#region invoke Properties
/* si no se setea esta propiedad, provoca una exception de: The server is
unwilling to process the request,
* para mas detalles ver:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;248717 */
Boolean objBoolean = true;
objNuevoUsuario.Properties["isMemberOfPartialAttributeSet"].Value =
objBoolean;
/* seccion de atributos obligatorios de Active Directory */
invocarPropiedad(ref objNuevoUsuario,"name",strNombreCompleto);
invocarPropiedad(ref
objNuevoUsuario,"givenName",v_objContenedorUsuario.obtenerNombre());
invocarPropiedad(ref
objNuevoUsuario,"Description",v_objContenedorUsuario.obtenerDescripcion());
invocarPropiedad(ref
objNuevoUsuario,"samAccountName",v_objContenedorUsuario.obtenerLogin());
/* Seccion de atributos extendidos de Active Directory */
/* Para detalles ver:
http://www.microsoft.com/latam/technet/articulos/windows2k/chapt-20/ */
invocarPropiedad(ref
objNuevoUsuario,"extensionAttribute1",v_objContenedorUsuario.obtenerCedula()
);
invocarPropiedad(ref
objNuevoUsuario,"extensionAttribute2",v_objContenedorUsuario.obtenerCorreoEl
ectronico());
invocarPropiedad(ref
objNuevoUsuario,"extensionAttribute3",v_objContenedorUsuario.obtenerDepartam
ento());
invocarPropiedad(ref
objNuevoUsuario,"extensionAttribute4",v_objContenedorUsuario.obtenerEntidad(
));
invocarPropiedad(ref
objNuevoUsuario,"extensionAttribute5",v_objContenedorUsuario.obtenerJefeDire
cto());
invocarPropiedad(ref
objNuevoUsuario,"extensionAttribute6",v_objContenedorUsuario.obtenerNombre()
);
invocarPropiedad(ref
objNuevoUsuario,"extensionAttribute7",v_objContenedorUsuario.obtenerPrimerAp
ellido());
invocarPropiedad(ref
objNuevoUsuario,"extensionAttribute8",v_objContenedorUsuario.obtenerPuesto()
);
invocarPropiedad(ref
objNuevoUsuario,"extensionAttribute9",v_objContenedorUsuario.obtenerSegundoA
pellido());
invocarPropiedad(ref
objNuevoUsuario,"extensionAttribute10",v_objContenedorUsuario.obtenerTelefon
o());
/* solamente modifica el password si esta definido */
if(v_objContenedorUsuario.obtenerClave() != "" &&
v_objContenedorUsuario.obtenerClave() != null)
{
objNuevoUsuario.Invoke("SetPassword", new object[]
{v_objContenedorUsuario.obtenerClave() });
}
#endregion
/* Hace "Commit" de los cambios, para asegurar que se realicen en el Active
Directory */
objNuevoUsuario.CommitChanges();
/* se retorna el objeto correspondiente al nuevo usuario */
return convertirUsuarioADataSet(objNuevoUsuario);
}
catch(Exception e)
{
throw e;
}
}
I'm using a user with full rights to modify the active directory. Any idea
why the The server is unwilling to process the request exception???