从 AD 组中删除用户

发布于 2024-09-26 08:23:13 字数 2592 浏览 7 评论 0原文

我正在尝试通过代码从 Active Directory 组中删除用户。得到有用的错误:

目标抛出异常 调用”

跟踪:堆栈跟踪:位于 System.DirectoryServices.DirectoryEntry.Invoke(字符串 方法名称,对象[]参数)位于 Active_Directory.RemoveUserFromGroup(字符串 sInUserName、字符串 sInGroupName) 中 C:\Documents and Settings\user\My 文档\Visual Studio 2010\WebSites\应用程序名称\App_Code\Common\Active_Directory.vb:行 192

这是我的函数:

查看调用行:oGroup.Invoke("Remove", New Object() {oUser.Path})

Public Shared Sub RemoveUserFromGroup(ByVal sInUserName As String _
                                      , ByVal sInGroupName As String)
    Dim entry1 As DirectoryEntry
    Dim de As DirectoryEntry
    Dim deSearch As DirectorySearcher
    Dim results As SearchResult
    Dim comeon As String
    Dim oUser As DirectoryEntry
    Dim oGroup As DirectoryEntry
    Dim sr As SearchResult

    Try

        entry1 = New DirectoryEntry("LDAP://rootDSE")
        comeon = entry1.Properties("DefaultNamingContext").Item(0)
        de = New DirectoryEntry("LDAP://" & comeon)

        deSearch = New DirectorySearcher()
        deSearch.SearchRoot = de
        deSearch.Filter = "(sAMAccountName=" + sInUserName + ")"
        deSearch.PropertiesToLoad.Add("cn")
        sr = deSearch.FindOne()

        If sr Is Nothing Then
            oUser = Nothing
        Else
            oUser = sr.GetDirectoryEntry()
        End If

        deSearch.Dispose()
        deSearch = Nothing
        sr = Nothing

        If Not (oUser Is Nothing) Then

            deSearch = New DirectorySearcher()
            deSearch.SearchRoot = de
            deSearch.Filter = "(&(objectClass=group) (CN=" & sInGroupName & "))"
            deSearch.SearchScope = SearchScope.Subtree

            results = deSearch.FindOne()

            If results IsNot Nothing Then

                oGroup = results.GetDirectoryEntry()

                Try

                    oGroup.Invoke("Remove", New Object() {oUser.Path})
                    oGroup.CommitChanges()
                    oGroup.Close()

                Catch ex As Exception
                    Dim s As String
                    s = ex.ToString
                    s = ""
                End Try

            End If

            entry1.Dispose()
            de.Dispose()

            entry1 = Nothing
            de = Nothing
            deSearch = Nothing
            results = Nothing

        End If

        oUser.Close()

    Catch ex As Exception

        Dim myerror As New MyError
        myerror.showMeTheError(ex)

    End Try

End Sub

I am trying to delete a user from an Active Directory group via code. Getting the helpful error of:

Exception has been thrown by the targe
of an invocation"

Trace: Stack Trace: at
System.DirectoryServices.DirectoryEntry.Invoke(String
methodName, Object[] args) at
Active_Directory.RemoveUserFromGroup(String
sInUserName, String sInGroupName) in
C:\Documents and Settings\user\My
Documents\Visual Studio
2010\WebSites\appname\App_Code\Common\Active_Directory.vb:line
192

here is my function:

Check out the Invoke Line: oGroup.Invoke("Remove", New Object() {oUser.Path})

Public Shared Sub RemoveUserFromGroup(ByVal sInUserName As String _
                                      , ByVal sInGroupName As String)
    Dim entry1 As DirectoryEntry
    Dim de As DirectoryEntry
    Dim deSearch As DirectorySearcher
    Dim results As SearchResult
    Dim comeon As String
    Dim oUser As DirectoryEntry
    Dim oGroup As DirectoryEntry
    Dim sr As SearchResult

    Try

        entry1 = New DirectoryEntry("LDAP://rootDSE")
        comeon = entry1.Properties("DefaultNamingContext").Item(0)
        de = New DirectoryEntry("LDAP://" & comeon)

        deSearch = New DirectorySearcher()
        deSearch.SearchRoot = de
        deSearch.Filter = "(sAMAccountName=" + sInUserName + ")"
        deSearch.PropertiesToLoad.Add("cn")
        sr = deSearch.FindOne()

        If sr Is Nothing Then
            oUser = Nothing
        Else
            oUser = sr.GetDirectoryEntry()
        End If

        deSearch.Dispose()
        deSearch = Nothing
        sr = Nothing

        If Not (oUser Is Nothing) Then

            deSearch = New DirectorySearcher()
            deSearch.SearchRoot = de
            deSearch.Filter = "(&(objectClass=group) (CN=" & sInGroupName & "))"
            deSearch.SearchScope = SearchScope.Subtree

            results = deSearch.FindOne()

            If results IsNot Nothing Then

                oGroup = results.GetDirectoryEntry()

                Try

                    oGroup.Invoke("Remove", New Object() {oUser.Path})
                    oGroup.CommitChanges()
                    oGroup.Close()

                Catch ex As Exception
                    Dim s As String
                    s = ex.ToString
                    s = ""
                End Try

            End If

            entry1.Dispose()
            de.Dispose()

            entry1 = Nothing
            de = Nothing
            deSearch = Nothing
            results = Nothing

        End If

        oUser.Close()

    Catch ex As Exception

        Dim myerror As New MyError
        myerror.showMeTheError(ex)

    End Try

End Sub

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

浅忆流年 2024-10-03 08:23:13

你似乎做得非常复杂 - 不必要的。

查看 H如何在 Active Directory 中完成几乎所有操作 CodeProject 文章 - 很棒的东西。

以下是从组(也由 DN 定义)中删除用户(由其 DN 给出)所需的代码片段:

public void RemoveUserFromGroup(string userDn, string groupDn)
{
    try
    {
        DirectoryEntry dirEntry = new DirectoryEntry("LDAP://" + groupDn);
        dirEntry.Properties["member"].Remove(userDn);
        dirEntry.CommitChanges();
        dirEntry.Close();
    }
    catch (System.DirectoryServices.DirectoryServicesCOMException E)
    {
        //doSomething with E.Message.ToString();

    }
}

这对您有用吗?

You seem to be doing it extremely complicated - unnecessarily so.

Check out the Howto do almost everything in Active Directory CodeProject article - excellent stuff.

Here's the snippet needed to remove a user (given by his DN) from a group (also defined by the DN):

public void RemoveUserFromGroup(string userDn, string groupDn)
{
    try
    {
        DirectoryEntry dirEntry = new DirectoryEntry("LDAP://" + groupDn);
        dirEntry.Properties["member"].Remove(userDn);
        dirEntry.CommitChanges();
        dirEntry.Close();
    }
    catch (System.DirectoryServices.DirectoryServicesCOMException E)
    {
        //doSomething with E.Message.ToString();

    }
}

Does that work for you??

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文