Change AD user Terminal Server properties with C#

Question

I am using System.DirectoryServices.DirectoryEntry to create AD user and everything work fine except for some Remote Desktop specifics properties.

Exemple :

newUser.Properties["msTSConnectClientDrives"].Value = false;
newUser.Properties["msTSConnectPrinterDrives"].Value = false;
newUser.Properties["msTSDefaultToMainPrinter"].Value = false;

This doesn't throw any exception, so I guess the properties are found in the object but they don't have any effect. When I go into the property window of that user, under "Environment" tab, these 3 checkbox are still checked on.

Am I missing something particular for these properties ?

Thank for your help.

EDIT :

Sorry I have been really busy, here is a code sample :

    private string CreateNewADAccount(string accountName, string accountPassword)
    {
        try
        {
            PrincipalContext context = new PrincipalContext(ContextType.Domain, "SV-LITE", @"LITE\xxxxxxxx", "yyyyyyyy");

            UserPrincipal newUser = new UserPrincipal(context);
            newUser.SamAccountName = accountName;
            newUser.UserPrincipalName = accountName;
            newUser.Name = "LiteUser2015 - " + accountName;
            newUser.DisplayName = "LiteUser2015 - " + accountName;
            newUser.SetPassword(accountPassword);
            newUser.PasswordNeverExpires = true;
            newUser.UserCannotChangePassword = true;

            newUser.Save();

            // Set advanced properties
            if (newUser.GetUnderlyingObjectType() == typeof(DirectoryEntry))
            {
                DirectoryEntry entry = (DirectoryEntry)newUser.GetUnderlyingObject();

                entry.Properties["msTSConnectClientDrives"].Value = false;
                entry.Properties["msTSConnectPrinterDrives"].Value = false;
                entry.Properties["msTSDefaultToMainPrinter"].Value = false;
                entry.Properties["msTSInitialProgram"].Value = "test";

                entry.CommitChanges();
            }

            return newUser.Guid.ToString();

        }
        catch (Exception e)
        {
            MessageBox.Show("Failed to create PrincipalContext. Exception: " + e);
        }

        return null;
    }

score 1 · Answer 1 · answered Apr 24 '15 at 15:49

1

After making the changes, you have to call CommitChanges - newUser.CommitChanges();

See https://msdn.microsoft.com/en-us/library/system.directoryservices.directoryentry.commitchanges%28v=vs.110%29.aspx

By default, changes to properties are made locally to a cache..

answered Apr 24 '15 at 15:49

Dan

158
6

can you update your question with a more complete code example? – Dan May 01 '15 at 16:16

score 0 · Answer 2 · answered May 01 '15 at 07:24

0

It might have something to do with the Server OS version you're using. I found this answer on another site that talks about Windows 2000 and 2003. It should work for Windows2008 and above:

For 2000 / 2003 you have to access them using the Terminal Services ADSI extension. The reference for that is here:

http://msdn.microsoft.com/en-us/library/aa380823(VS.85).aspx

answered May 01 '15 at 07:24

Jeremy Thompson

61,933
36
195
321

OK (I probably should have asked in a comment). Anyway here is MSDN article saying that Windows 2008 and above DOES support it: https://msdn.microsoft.com/en-us/library/cc220553.aspx – Jeremy Thompson May 01 '15 at 07:32

Change AD user Terminal Server properties with C#

2 Answers2