I'm trying to make a tool to list and change users group on active directory based on groups that manager has control. I'm stuck on listing function, and it keep getting me this error:
System.DirectoryServices.DirectoryServicesCOMException
Hresult=0x80072032 Message=Invalid distinguished name (DN) syntax specifiedLine: Dim searchResults As Search...
Public Class Form1
Private Sub btnSearch_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnsearch.Click
Dim managerID As String
managerID = mngID.Text
Dim employeeID As String
employeeID = empID.Text
Dim emptybox
emptybox = mngID.Text.Length
If emptybox < 8 Then
MsgBox("ManagerID Inválido")
End If
Dim emptybox2
emptybox2 = empID.Text.Length
If emptybox2 < 8 Then
MsgBox("EmployeeID Inválido")
End If
If emptybox = 8 Then
Dim domain = New PrincipalContext(ContextType.Domain)
Dim user = UserPrincipal.FindByIdentity(domain, managerID)
Dim userDN
userDN = user.DistinguishedName
Dim ADEntry As New DirectoryEntry
ADEntry.Path = "LDAP://domain/CN:Users;DC:domain"
Dim Groups As New Collection
Dim mySearcher As DirectorySearcher = New DirectorySearcher(ADEntry)
Dim arrList As New ArrayList()
mySearcher.Filter = "(&(ObjectClass=user)(DistinguisedName=" & userDN & "))"
mySearcher.PropertiesToLoad.Add("MemberOf")
Dim searchResults As SearchResultCollection = mySearcher.FindAll()
If searchResults.Count = 0 Then
MsgBox("ManagerID inválido2")
End If
If searchResults.Count > 0 Then
Dim group As New DirectoryEntry(searchResults(0).Path)
For Each member As Object In group.Properties("MemberOf")
groupbox.Items.Add(member)
Next
End If
End If
End Sub
CodePudding user response:
Your Error
Error 0x80072032 - ERROR_DS_INVALID_DN_SYNTAX An invalid 'dn' syntax has been specified
Here's something to get you going.
Example VB Script To Connect to Active Directory
Imports System
Imports System.Data
Imports System.Linq
Imports System.IO
Imports System.DirectoryServices
Imports System.DirectoryServices.AccountManagement
Imports System.DirectoryServices.ActiveDirectory
Imports System.Security
Imports System.Security.Permissions
Imports System.Text
Imports System.Collections
Imports System.ComponentModel
Imports System.Drawing
Imports System.Web
Imports System.Web.SessionState
Imports System.Web.UI
Imports System.Web.UI.WebControls
Imports System.Web.UI.HtmlControls
Public Function EnumerateDomains() As ArrayList
Dim alDomains As New ArrayList()
Dim currentForrest As Forest = Forest.GetCurrentForest()
Dim myDomains As DomainCollection = currentForrest.Domains
For Each objDomain As Domain In myDomains
alDomains.Add(objDomain.Name)
Next
Return alDomains
End Function
Public Function EumerateDomainUsers() As ArrayList
Dim domainUsers As New ArrayList()
Dim usr As String
'Dim fqdns As String = DropDownList1.SelectedItem.ToString()
Dim fqdns As String = DropDownList1.SelectedItem.Text
Dim adStrng As String = "LDAP://" & fqdns
Dim adEntry As DirectoryEntry = GetObject(adStrng)
Dim searcher As DirectorySearcher = New DirectorySearcher(adEntry)
searcher.Sort.PropertyName = "cn"
Dim results As SearchResultCollection
Dim result As SearchResult
searcher.PropertiesToLoad.Add("cn")
results = searcher.FindAll
For Each result In results
usr = result.GetDirectoryEntry().Properties("cn").Value
domainUsers.Add(usr)
Next
Return domainUsers
End Function
CodePudding user response:
There is a spelling mistake and should be "DistinguishedName" instead of "DistinguisedName":
mySearcher.Filter = "(&(ObjectClass=user)(DistinguishedName=" & userDN & "))"