Changing Active Directory user information via ASP.NET

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Hi,

i've written some code that changes the user information (eg givenname, sn,
department, ...) from a user in AD. The code runs without an error/exception.
The only annoying thing is that the changes aren't executed. here is my code :


Dim deEntry As New DirectoryEntry
deEntry.Path = "LDAP://myDomainController"

Dim dsSearch As New DirectorySearcher(deEntry)
dsSearch.Filter = "(&(objectClass=user)(samaccountname=" & strLogin
& "*))"
Dim entry As DirectoryEntry = dsSearch.FindOne.GetDirectoryEntry
With entry
.Properties("sn").Value = nieuweMdw.achternaam
.Properties("givenname").Value = nieuweMdw.voornaam
.Properties("department").Value = nieuweMdw.afdeling
.Properties("title").Value = nieuweMdw.functie
.Properties("company").Value = nieuweMdw.firma
.Properties("mail").Value = nieuweMdw.email
.Properties("telephonenumber").Value = nieuweMdw.telnr
End With
entry.AuthenticationType = AuthenticationTypes.Secure
entry.CommitChanges()
entry.RefreshCache()
entry.Close()

does anyone see my problem? Thx!
 
i've written some code that changes the user information (eg givenname, sn,
department, ...) from a user in AD. The code runs without an error/exception.
The only annoying thing is that the changes aren't executed. here is my code :
does anyone see my problem? Thx!
Click to expand...

One word: permissions.

In a web environment, you almost HAVE to bind to the root of your AD
directory search with explicit credentials - otherwise you don't have
permissions to update your AD. Also, in many cases, you would need to
specify the actual domain controller to bind to in order to get
results.

So something like this (this is C# - transforms easily into VB.NET):

DirectoryEntry deRootDSE = new DirectoryEntry("LDAP://RootDSE");
string sRootDN =
deRootDSE.Properties["defaultNamingContext"].Value.ToString();

DirectoryEntry deSearchRoot = new
DirectoryEntry("LDAP://myDC01.mydomain.com/" + sRootDN, "your user
name here", "your password", AuthenticationTypes.Secure);

DirectorySearcher dsSearch = new DirectorySearcher(deSearchRoot);

If that doesn't help - you might want to post to
microsoft.public.adsi.general - that's where all the AD programming
gurus hang out (tons of them with much more VB.NET and web experience
than myself).

Marc
 
Back
Top