2

I'm trying to add users programmatically to an AD LDS instance. Here's how I add a user:

```csharp
using System.DirectoryServices;

string ldap = "LDAP://xxxx";

var root = new DirectoryEntry(ldap);
var cn = "CN=" + "Joe" + "Blow";
var u = root.Children.Add(cn, "user");
// Uncommenting the next line triggers the error described below.
//u.Properties["sAMAccountName"].Value = "jblow";
u.Properties["employeeID"].Value = "654321";
u.Properties["sn"].Value = "Blow";
u.Properties["givenName"].Value = "Joe";
u.Properties["comment"].Value = "a note for you";
u.Properties["homePhone"].Value = "55555555";
u.CommitChanges();
```

If I execute this code, it successfully adds the user Joe Blow. However, if I try to add the username (sAMAccountName), I get an error:

The specified directory service attribute or value does not exist. System.Exception {System.DirectoryServices.DirectoryServicesCOMException}

Using ADSI Edit I looked at the properties of the object and I DO NOT see sAMAccountName listed there!


How can I add a username to an AD LDS instance?

smr5
  • Readers: This script quickly adds the sAMAccountName attribute to the schema. I've used it and it works, but save the script as Unicode (see comments), and you may also need to add quotes around the "#configurationNamingContext" parameter when run (see instructions in file). Script link: https://gist.github.com/Nora-Ballard/9124822 – Yogi Dec 23 '18 at 21:26

2 Answers

1

This should provide additional information: INFO

We typically keep the sAMAccountName and userPrincipalName (UPN) in sync, but that can vary depending on your situation/organization.

You can try this:

```csharp
u.Properties["sAMAccountName"].Add("jblow");
u.Properties["userPrincipalName"].Add("jblow" + "@" + yourDomain);
```

Blake
  • I have and it works. From my reading `userPrincipalName` is in the format `username@domain.com`. Could this be used as username? – smr5 Feb 05 '15 at 18:12
  • 1
    While this code sample may possibly answer the question, it would be preferable to include some essential explanation to your answer. As it stands now this answer adds little to no value for future readers. – oɔɯǝɹ Feb 05 '15 at 18:37
  • `samAccountName` by default is missing from AD LDS schema. However, `userPrincipalName` can be used as username as well to authenticate. – smr5 Jun 17 '15 at 21:22
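
An added example, not code from any of the posters above: it checks whether the instance's schema defines `sAMAccountName` before setting it, and always sets `userPrincipalName`, which the comment above says can serve as the username. The server name, container DN and UPN suffix are assumed placeholders, and the check assumes that an attribute present in the schema is also allowed on the `user` class.

```csharp
using System;
using System.DirectoryServices;

static class AdLdsUserExample
{
    // Assumed placeholders: replace with your own instance and container.
    const string Server = "localhost:389";
    const string Container = "CN=Users,DC=example,DC=com";

    // True if the instance's schema defines an attribute with this lDAPDisplayName.
    // The name is a constant here; escape it per RFC 4515 if it ever comes from
    // user input, because it is concatenated into an LDAP filter.
    static bool SchemaHasAttribute(string ldapDisplayName)
    {
        using (var rootDse = new DirectoryEntry("LDAP://" + Server + "/RootDSE"))
        {
            var schemaNc = (string)rootDse.Properties["schemaNamingContext"].Value;
            using (var schema = new DirectoryEntry("LDAP://" + Server + "/" + schemaNc))
            using (var searcher = new DirectorySearcher(schema))
            {
                searcher.SearchScope = SearchScope.OneLevel;
                searcher.Filter = "(&(objectClass=attributeSchema)(lDAPDisplayName="
                                  + ldapDisplayName + "))";
                return searcher.FindOne() != null;
            }
        }
    }

    static void Main()
    {
        using (var root = new DirectoryEntry("LDAP://" + Server + "/" + Container))
        using (var u = root.Children.Add("CN=Joe Blow", "user"))
        {
            u.Properties["givenName"].Value = "Joe";
            u.Properties["sn"].Value = "Blow";
            // Used as the logon name, following the comment above.
            u.Properties["userPrincipalName"].Value = "jblow@example.com";

            // Only set sAMAccountName when the schema has been extended with it;
            // otherwise CommitChanges() fails with the error from the question.
            if (SchemaHasAttribute("sAMAccountName"))
                u.Properties["sAMAccountName"].Value = "jblow";

            u.CommitChanges();
            Console.WriteLine("Created " + u.Path);
        }
    }
}
```
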
0

Look here for an explanation to the problem: http://blog.joeware.net/2011/03/04/2214/

magnusarinell