Frank Wehner
2005-04-19 12:59:40 UTC
I want to add a new user account to the Active Directory. The C#-Code:
DirectoryEntry userList, newUser;
userList = new DirectoryEntry("LDAP://myServer/CN=Users,DC=myDomain,DC=de");
newUser = userList.Children.Add("CN=TestUser", "user");
newUser.CommitChanges();
This works fine when I do it in a Windows Application but if I
encapsulate the same code in a Web Service the Add-Method fails and I
get the following Exception:
System.Runtime.InteropServices.COMException (0x80004005): Unspecified
error at System.DirectoryServices.DirectoryEntry.Bind(Boolean
throwIfFail) at System.DirectoryServices.DirectoryEntry.Bind() at
System.DirectoryServices.DirectoryEntry.get_IsContainer() at
System.DirectoryServices.DirectoryEntries.CheckIsContainer() at
System.DirectoryServices.DirectoryEntries.Add(String name, String
schemaClassName)
I'm using Windows Server 2003 with IIS 6.0. The application pool for
the Web Service uses an account with administrative privileges as
identity. This configuration seems to be ok. I tested it with a Web
Service in the same application pool which writes successfully
something into the registry (to HKEY_LOCAL_MACHINE which should be
only possible with administrative privilegs).
I tried to use credentials:
userList = new DirectoryEntry("LDAP://myServer/CN=Users,DC=myDomain,DC=de",
"adminUsername", "adminPassword");
but the same exception occurs.
I also tried other things but nothing works:
- added "<trust level="Full".../> to the web.config
- in the .NET Configuration I assigned FullTrust to the
LocalIntranet_Zone
- with the .NET Wizard I trusted the Web Service-Assembly
Can anybody point me to the right direction?
Frank Wehner
DirectoryEntry userList, newUser;
userList = new DirectoryEntry("LDAP://myServer/CN=Users,DC=myDomain,DC=de");
newUser = userList.Children.Add("CN=TestUser", "user");
newUser.CommitChanges();
This works fine when I do it in a Windows Application but if I
encapsulate the same code in a Web Service the Add-Method fails and I
get the following Exception:
System.Runtime.InteropServices.COMException (0x80004005): Unspecified
error at System.DirectoryServices.DirectoryEntry.Bind(Boolean
throwIfFail) at System.DirectoryServices.DirectoryEntry.Bind() at
System.DirectoryServices.DirectoryEntry.get_IsContainer() at
System.DirectoryServices.DirectoryEntries.CheckIsContainer() at
System.DirectoryServices.DirectoryEntries.Add(String name, String
schemaClassName)
I'm using Windows Server 2003 with IIS 6.0. The application pool for
the Web Service uses an account with administrative privileges as
identity. This configuration seems to be ok. I tested it with a Web
Service in the same application pool which writes successfully
something into the registry (to HKEY_LOCAL_MACHINE which should be
only possible with administrative privilegs).
I tried to use credentials:
userList = new DirectoryEntry("LDAP://myServer/CN=Users,DC=myDomain,DC=de",
"adminUsername", "adminPassword");
but the same exception occurs.
I also tried other things but nothing works:
- added "<trust level="Full".../> to the web.config
- in the .NET Configuration I assigned FullTrust to the
LocalIntranet_Zone
- with the .NET Wizard I trusted the Web Service-Assembly
Can anybody point me to the right direction?
Frank Wehner