How to add a user from another domain to a local domain group?

Time:04-20

Using C# I would like to add a user from one domain to a local domain. The domains have a two way trust. Currently I get the error

'No principal matching the specified parameters was found.' on the .Save() line.

I have the DN of the user (e.g. 'CN=Adams, Sam,OU=Beer, DC=Drinkers,DC=local').

The group is something like CN=Drunks, OU=Groups,DC=Bars,DC=local.

This works when it is the same domain, but when it is cross-domain I get the error. The user account that I am using has admin rights locally and read rights in the other domain.

using System.DirectoryServices.AccountManagement;

// Context for the local domain that holds the group (connection details come from m_AD_connection).
using (PrincipalContext pc = new PrincipalContext(ContextType.Domain, m_AD_connection.Domain, m_AD_connection.Path, ContextOptions.Negotiate, m_AD_connection.UserName, m_AD_connection.Password))
{
    GroupPrincipal group = GroupPrincipal.FindByIdentity(pc, GroupName);
    if (group != null)
    {
        // DN is the distinguished name of the user in the other (trusted) domain.
        group.Members.Add(pc, IdentityType.DistinguishedName, DN);
        group.Save(); // throws 'No principal matching the specified parameters was found.' when DN is in the other domain
        return true;
    }
    else
        return false;
}

Any suggestions on what I need to do?

CodePudding user response:

Your issue is in this line:

group.Members.Add(pc, IdentityType.DistinguishedName, DN);

The context parameter should be the context required to look up the user, not the group. So you need to create a new PrincipalContext for the second domain and pass that to Add(). For example:

var drinkersPc = new PrincipalContext(ContextType.Domain, "drinkers.local");
group.Members.Add(drinkersPc, IdentityType.DistinguishedName, DN);
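A complete version of the fix, as an added example that is not part of the original answer. It assumes the two domain names drinkers.local and bars.local (derived from the DNs in the question) and a single credential that can write the group in bars.local and read users in drinkers.local over the trust; the group is resolved by its DN rather than by name, and the user is looked up in its own domain before the add so that a bad DN fails with a clear message instead of the generic error from Save().

```csharp
using System;
using System.DirectoryServices.AccountManagement;

public static class CrossDomainGroupMembership
{
    // Adds the user identified by userDn (living in userDomain) to the group identified
    // by groupDn (living in groupDomain). Returns false if the group does not exist,
    // throws if the user cannot be resolved, and is idempotent for existing members.
    public static bool AddCrossDomainMember(
        string groupDomain, string groupDn,   // e.g. "bars.local", "CN=Drunks,OU=Groups,DC=Bars,DC=local"
        string userDomain, string userDn,     // e.g. "drinkers.local", "CN=Adams\\, Sam,OU=Beer,DC=Drinkers,DC=local"
        string userName, string password)     // assumed: write rights on the group, read rights in userDomain
    {
        // Context for the domain that holds the group; this is where Save() writes.
        using (var groupContext = new PrincipalContext(
                   ContextType.Domain, groupDomain, null, ContextOptions.Negotiate, userName, password))
        // Separate context for the domain that holds the user; the two-way trust lets
        // the same credentials resolve the DN there.
        using (var userContext = new PrincipalContext(
                   ContextType.Domain, userDomain, null, ContextOptions.Negotiate, userName, password))
        {
            GroupPrincipal group = GroupPrincipal.FindByIdentity(
                groupContext, IdentityType.DistinguishedName, groupDn);
            if (group == null)
                return false;

            // Resolve the member in its own domain first: a typo in the DN now fails here,
            // with the DN named, rather than as "No principal matching..." from Save().
            UserPrincipal user = UserPrincipal.FindByIdentity(
                userContext, IdentityType.DistinguishedName, userDn);
            if (user == null)
                throw new InvalidOperationException($"User not found in {userDomain}: {userDn}");

            // Already a member: nothing to write, so no needless directory change.
            if (group.Members.Contains(userContext, IdentityType.DistinguishedName, userDn))
                return true;

            // The context passed to Add() must be the one that can look up the member
            // (the user's domain), not the context the group was found with.
            group.Members.Add(userContext, IdentityType.DistinguishedName, userDn);
            group.Save();
            return true;
        }
    }
}
```

Active Directory only allows domain local and universal groups to hold members from another domain, so this will not work for a global group regardless of which context is passed.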