Directory Programming .NET

Active Directory and ADAM programming support for .NET developers

Welcome to Directory Programming .NET Sign in | Join | Help

Directory Programming .NET » General Discussions » Active Directory/ADAM LDAP Dis... » How to change "Primary Group" of a User in VB.NET

How to change "Primary Group" of a User in VB.NET

Last post 07-05-2009, 9:36 AM by joe. 2 replies.


	Sort Posts: Previous Next

07-02-2009, 11:56 AM 6776

PDH
Joined on 07-02-2009
Posts 2

How to change "Primary Group" of a User in VB.NET

My program needs to change the Primary Group of the user from "Domain Users" to "MYGROUP" and remove the user from "Domain Users". I have written the following code, which fails on the server. This program is ruinning on .net Framework 3.5 and Windows Server 2003 x64 SP2. (This code is working fine on my local server having Windows Server 2003 x32 SP2)

'Create Directory Entries

Dim deRBGroup As DirectoryEntry = New DirectoryEntry("LDAP://10.10.60.10/CN=MYGROUP,CN=Users,DC=FAW,DC=COM")

Dim deUser As DirectoryEntry = New DirectoryEntry("LDAP://10.10.60.10/CN=STEVE,CN=Users,DC=FAW,DC=COM")

Dim deDomainUsers As DirectoryEntry = New DirectoryEntry("LDAP://10.10.60.10/CN=Domain Users,CN=Users;DC=FAW,DC=COM")

Dim primaryGroupToken As Object = Nothing

'Get Primary Group Token of MYGROUP

deRBGroup.Invoke("GetInfoEx", New Object() {New Object() {"primaryGroupToken"}, 0})

primaryGroupToken = deRBGroup.Invoke("Get", New Object() {"primaryGroupToken"})

'Assign Primary Group Token value of MYROUP to the User's PrimaryGroupID

deUser.Properties("primaryGroupID").Value = primaryGroupToken

deUser.CommitChanges()

'Remove the User from "Domain Users" group

deDomainUsers.Properties("member").Remove(deUser.Path)

deDomainUsers.CommitChanges()

'--------------------------------------

I am getting the following error when I run this code. Please help.

"A referral was returned from the server"

Callstack:    at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
   at System.DirectoryServices.DirectoryEntry.Bind()
   at System.DirectoryServices.DirectoryEntry.get_NativeObject()
   at System.DirectoryServices.DirectoryEntry.Invoke(String methodName, Object[] args)
   at ProcessADVUsers.ModActiveDirectory.MakeRBUSERSGroupPrimary(String sUSERNAME)

Report abuse

07-03-2009, 9:39 AM 6780 in reply to 6776

PDH
Joined on 07-02-2009
Posts 2

Re: How to change "Primary Group" of a User in VB.NET

Well, the problem is solved now. Actually both servers are on different domains. Instead of DC=FAW in the above Directory Path string, I mentioned DC=EXPERTS (the actual DOMAIN of my second server). The above code is working fine.

Report abuse

07-05-2009, 9:36 AM 6781 in reply to 6776

joe
Joined on 04-05-2006
Chicago, IL
Posts 2,720

Re: How to change "Primary Group" of a User in VB.NET

Referrals are typically returned when you request an object in a location where it is not actually located but the server thinks it might know where the object is. That typically happens as a result of specifying an incorrect path.

First off, I recommend you avoid using IP addresses for connecting to domain controllers. It can cause a variety of problems (such as broken Kerberos authentication) and should never be necessary since DNS really needs to be working for AD to work.

The next thing to do is to check all your distinguished names and ensure they are all correct. This is the most likely problem.

Additionally, you don't need to invoke GetInfoEx or GetEx. RefreshCache works fine for this to load the property cache and then the value will be available in the PropertyValueCollection. However, that's more of a tweak and not related to the current issue.

Report abuse