将用户添加到 ADAM 中的角色时出错(发生约束冲突。(HRESULT 异常:0x8007202F)
尝试将用户添加到组时出现错误。
发生了约束违规。 (HRESULT 异常:0x8007202F)
public string addUserToGroup(string userDN, string groupDN)
{
try
{
DirectoryEntry de = new DirectoryEntry("LDAP://localhost:389/" + groupDN);
de.Username = "myUsername";
de.Password = "myPassword";
de.Properties["member"].Add(userDN);
de.CommitChanges();
de.Close();
//return true;
return "yes";
}
我不确定这是否与我设置 ADAM 的方式有关,因为我使用了应用程序目录分区。 所以我的 DN 为 CN=sandbox,DC=ITOrg 然后我有 3 个目录分区,如下所示:
CN=sandbox,CN=testApp1,DC=ITOrg
CN=sandbox,CN=testApp2,DC=ITOrg .. etc
我的用户仅存储在 CN=sandbox,DC=ITOrg 中但我随后想让用户访问 1 个或多个分区,因此我尝试将用户的 CN 添加
[email protected],CN=People,CN=sandbox,DC=ITOrg
到此:
CN=Readers,CN=Roles,CN=sandbox,CN=testApp1,DC=ITOrg
这不起作用。 尽管如果我将用户添加到 CN=Readers,CN=Roles,CN=sandbox,DC=ITOrg 中的角色,代码确实可以工作。 那么这是否意味着我必须在每个分区中存储用户? 复制数据?
有人有想法吗?
I get the error when trying to add users to a group.
A constraint violation occurred. (Exception from HRESULT: 0x8007202F)
public string addUserToGroup(string userDN, string groupDN)
{
try
{
DirectoryEntry de = new DirectoryEntry("LDAP://localhost:389/" + groupDN);
de.Username = "myUsername";
de.Password = "myPassword";
de.Properties["member"].Add(userDN);
de.CommitChanges();
de.Close();
//return true;
return "yes";
}
I'm not sure if it has something to do with the way I have set-up ADAM since I have used application directory partitions. So I have a DN of CN=sandbox,DC=ITOrg I then have 3 directory partitions like so:
CN=sandbox,CN=testApp1,DC=ITOrg
CN=sandbox,CN=testApp2,DC=ITOrg .. etc
I have my users stored only in CN=sandbox,DC=ITOrg but I then want to give users access to 1 or more of the partitions so I was trying to add the CN of the user
[email protected],CN=People,CN=sandbox,DC=ITOrg
to this:
CN=Readers,CN=Roles,CN=sandbox,CN=testApp1,DC=ITOrg
which does not work. Although the code does work if I add the user to the Role in CN=Readers,CN=Roles,CN=sandbox,DC=ITOrg. So does that mean that I have to store users in every partition? Duplicating data?
Does anyone have any thoughts?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
通常,您还必须至少在“straight up AD”上的新用户条目上设置 SAM 帐户名称 - 不确定这是否也适用于 ADAM。
马克
Typically, you'll also have to set at least the SAM Account Name on a new user entry on "straight up AD" - not sure if that applies to ADAM as well.
Marc
您是否检查过您尝试创建的密码是否符合配置的密码策略?
另外,从您的示例来看,您似乎正在尝试以明文形式保存密码。 我对 ADAM 不熟悉,但大多数 Auth & 身份验证提供商要求您在尝试保存密码之前对密码进行哈希处理。
Have you checked whether the password you are trying to create adheres to the configured password policy?
Also, from your example, it seems that you are trying to save the password in clear text. I am not familiar with ADAM, but most Auth & Auth providers require that you hash the password before attempting to save it.