tags:

views:

603

answers:

1
Q: 

Error adding users to roles in ADAM (A constraint violation occurred. (Exception from HRESULT: 0x8007202F)

I get the error " A constraint violation occurred. (Exception from HRESULT: 0x8007202F) " when trying to add users to a group. My code looks like this:

public string addUserToGroup(string userDN, string groupDN)
    {
        try
        {
            DirectoryEntry de = new DirectoryEntry("LDAP://localhost:389/" + groupDN);
            de.Username = "myUsername";
            de.Password = "myPassword";
            de.Properties["member"].Add(userDN);
            de.CommitChanges();
            de.Close();
            //return true;
            return "yes";
        }
        catch (Exception ex)
        {
            //return false;
            string errorMessage = ex.ToString();
            return errorMessage;
        }
    }

I'm not sure if it has something to do with the way I have set-up ADAM since I have used application directory partitions. So I have a DN of "CN=sandbox,DC=ITOrg" I then have 3 directory partitions like so:

CN=sandbox,CN=testApp1,DC=ITOrg

CN=sandbox,CN=testApp2,DC=ITOrg .. etc

I have my users stored only in "CN=sandbox,DC=ITOrg" but I then want to give users access to 1 or more of the partitions so I was trying to add the CN of the user e.g.

[email protected],CN=People,CN=sandbox,DC=ITOrg

to this:

CN=Readers,CN=Roles,CN=sandbox,CN=testApp1,DC=ITOrg

which does not work. Although the code does work if I add the user to the Role in CN=Readers,CN=Roles,CN=sandbox,DC=ITOrg. So does that mean that I have to store users in every partition? Duplicating data??

Does anyone have any thoughts? Thanks in advance

+1  A: 

Typically, you'll also have to set at least the SAM Account Name on a new user entry on "straight up AD" - not sure if that applies to ADAM as well.

Marc

marc_s  2009-06-17 16:58:59
Sorry not entirely sure what you mean by "straight up AD" - would you mind explaining a bit more? Thanks
samcooper11  2009-06-18 08:19:08
Ah sorry - I meant in the full blown Active Directory - not ADAM, but actual "AD".
marc_s  2009-06-18 09:40:32
oh ok thanks, I did take a look at what fields were required but that didn't seem to be the issue.After a bit more reading I think the issue is because I was trying to use members across partitions when in fact they should be treated as separate "worlds"
samcooper11  2009-06-19 12:20:20

related questions

Displaying Flash content in a C# WinForms application
How to get the value of built, encoded ViewState?
Unhandled Exception Handler in .NET 1.1
How do I connect to a database and loop over a recordset in C#?
How do I most elegantly express left join with aggregate SQL as LINQ query
Get a new object instance from a Type in C#
.NET Testing Framework Advice
Automatically update version number
What is the difference between an int and an Integer in Java/C#?
How to write to Web.Config in Medium Trust ?
WinForms ComboBox data binding gotcha
How do you sort a C# dictionary by value?
Adding Scripting functionality to .NET applications
Floating Point Number parsing: Is there a Catch All algorithm?
How do I print an HTML document from a web service?
Decoding T-SQL CAST in C#/VB.net
Anatomy of a "Memory Leak"
How do I get a distinct, ordered list of names from a DataTable using Linq
Reliable Timer in a Console Application
How do I fill a DataSet or a DataTable from a LINQ query resultset ?
What's the difference between Math.Floor() and Math.Truncate() in .NET?
How do I calculate relative time?
How do I calculate someone's age in C#?
Are there any conversion tools for porting Visual J# code to C#?
When setting a form's opacity should I use a decimal or double?