I am trying to programmatically create a new Active Directory user that sets the sAMAccountName attribute with a value greater than 20 characters.
When I call DirectoryEntry.CommitChanges (), I get an error:
00000523: SysErr: DSID-031A0FB6, issue 22 (invalid argument), data 0
If I try to create a new user, sAMAccountName is less than 20 characters, everything will work.
Before anyone says that the sAMAccountName name limit is 20 characters, I want to point out that if I try to create the same user with sAMAccountName more than 20 characters using the Windows Active Directory Users and Computers tool, everything will work, I I see a new record in AD using the LDP tool, and the record has the name sAMAccountName with more than 20 characters.
Why can't I create a user using .NET?
The following is the code I'm using:
Using objDirEnt As DirectoryEntry = New DirectoryEntry("LDAP://my.domain.com/cn=Users,dc=my,dc=domain,dc=com", "username", "Password", AuthenticationTypes.Secure Or AuthenticationTypes.Sealing) Using usuario As DirectoryEntry = objDirEnt.Children.Add("CN=aaaaaa bbbbbbbbbb ccccccccc (aaaaaa.bbbbbb.ccccccccc)", "user") usuario.Properties("sAMAccountName").Value = "aaaaaa.bbbbbb.ccccccccc" usuario.Properties("userAccountControl").Value = AdsUserFlags.PasswordNotRequired usuario.Properties("name").Value = "aaaaaa bbbbbbbbbb ccccccccc" usuario.Properties("givenName").Value = "aaaaaa" usuario.Properties("sn").Value = "bbbbbbbbbb ccccccccc" usuario.CommitChanges() End Using End Using
Carlos Bomtempo
source share