Question

我试着像下面这样做，得到~~“服务器不愿意处理请求。”因为这一行newUser.Invoke("Put", new object[] { "userAccountControl", "512" });我对它进行了评论，但它的工作却发现了新的~~异常“由调用的目标引发”newUser.Invoke("SetPassword", new object[] { model.Password });

在此之前我使用窗口服务器2003R2（VM）到Active目录没有问题。现在我用窗口服务器2012R2有问题为什么？

     ConnectAD con = new ConnectAD();
                DirectoryEntry de = con.GetConnection();
                Utility ut = new Utility();

                using (DirectorySearcher searcher = new DirectorySearcher(de))
                {
                    searcher.Filter = string.Format("(&(objectClass=user)(sAMAccountName={0}))", model.UserName);
                    using (SearchResultCollection resultUser = searcher.FindAll())
                    {
                        bool DoesExistUsesr = resultUser.Count > 0;
                        if (!DoesExistUsesr)
                        {//User doesn't exist
                            searcher.Filter = string.Format("(&(objectClass=organizationalUnit)(ou={0}))", model.Group);
                            using (SearchResultCollection resultOU = searcher.FindAll())
                            {
                                bool DoesExistOU = resultOU.Count > 0;
                                if (DoesExistOU)
                                {//OU does exist
                                    de.Path = ut.SetChildPath("OU=" + model.Group);//"LDAP://" + Properties.Settings.Default.domainMyAD + "/" + "OU=" + model.Group + "," + Properties.Settings.Default.pathMyAD;
                                    DirectoryEntry newUser = de.Children.Add("CN=" + model.UserName, "user");
                                    newUser.Properties["displayName"].Value = model.Name + " " + model.Surname;
                                    newUser.Properties["givenName"].Value = model.Name;
                                    newUser.Properties["sn"].Value = model.Surname;
                                    newUser.Properties["mail"].Value = model.Email;
                                    newUser.Properties["department"].Value = model.Department;
                                    newUser.Properties["title"].Value = model.Title;
                                    newUser.Properties["userPrincipalName"].Value = model.UserName + "@" + Properties.Settings.Default.domainMyAD;
                                    newUser.Properties["sAMAccountname"].Value = model.UserName;
                                    newUser.Properties["PwdLastSet"].Value = -1;
                                    newUser.CommitChanges(); 
                                    newUser.Invoke("SetPassword", new object[] { model.Password }); //<-- ***thrown by the target of an invocation***
                                    newUser.Invoke("Put", new object[] { "userAccountControl", "512" });
                                    newUser.CommitChanges();
                                }....

提前致谢。

内部异常：密码不符合密码策略要求。检查最小密码长度，密码复杂性和密码历史记录要求 - 错误代码：800708c5

Answer 1

您无法启用没有密码的帐户（设置userAccountControl为512的操作）。您必须在保存新帐户后执行此操作。

但您也不需要使用Invoke来设置userAccountControl属性。在第一次CommitChanges后尝试这个：

...
//newUser.Invoke("Put", new object[] { "userAccountControl", "512" }); <-- Remove this
newUser.CommitChanges();
newUser.Invoke("SetPassword", model.Password);
newUser.Properties["userAccountControl"].Value = 512;
newUser.CommitChanges();

Answer 2

我解决了。关于密码复杂性（大写，小写，长度）的内部例外。这个案例我用密码123测试创建帐户。我是AD的新手:(

当我尝试添加用户异常时：服务器不愿意处理请求。和setPassword异常：由调用目标抛出

2 个答案: