C# error: Invoke SetPassword on Active Directory

Hello everyone


I am trying to do the work for my PAP, using C#, PHP, MySQL and Active Directory. The accounts are going to be created by the C# program in the Active Directory database, but every time I try to create an account I get this error:


System.Reflection.TargetInvocationException: O destino de uma invocação accionou uma excepção. ---> System.Runtime.InteropServices.COMException: O servidor de RPC não está disponível. (Excepção de HRESULT: 0x800706BA)
   --- Fim do rastreio da pilha de excepção interna ---
   em System.DirectoryServices.DirectoryEntry.Invoke(String methodName, Object[] args)
   em PAP.ldap_functions.createUser(String domain, String first, String last, String description, String password, String[] groups, String username, String email, Int32 mobile, String streetAddress, String city, String postalcode, Boolean enabled) em C:\Users\Karbust\source\repos\PAP\PAP\ldap_functions.cs:line 176

I am using this code:

        public int createUser(String domain, String first, String last, String description, String password, String[] groups, String username, String email, Int32 mobile, String streetAddress, String city, String postalcode, bool enabled)
        {
            try
            {
                // create new user object and write into AD
                DirectoryEntry user = new DirectoryEntry(connectionstring_membros, adminlogin, adminpass);

                // User name (domain based)
                DirectoryEntry objUser = user.Children.Add("CN=" + username, "user");

                // User name
                objUser.Properties["userPrincipalName"].Add(username + "@" + domain);

                // User name (older systems)

                // Surname

                // Forename

                // Display name
                objUser.Properties["displayname"].Add(first + " " + last);

                // Description

                // E-mail

                // Home dir (drive letter)

                // Home dir (path)

                // write the new object to the directory; it must exist there
                // before SetPassword can be invoked on it
                objUser.CommitChanges();

                // set user's password
                objUser.Invoke("SetPassword", password);
                //objUser.Invoke("SetPassword", new object[] { password });

                // Mobile Number

                // Telephone Number

                // Street

                // City

                // State/Province

                // Zip/Postal Code

                // enable account if requested (see for other codes)
                if (enabled)
                {
                    objUser.Invoke("Put", new object[] { "userAccountControl", "512" });
                }

                // persist the attributes set after the first commit
                objUser.CommitChanges();

                // add user to specified groups
                foreach (String thisGroup in groups)
                {
                    DirectoryEntry newGroup = objUser.Parent.Children.Find("CN=" + thisGroup, "group");

                    if (newGroup != null)
                    {
                        newGroup.Invoke("Add", new object[] { objUser.Path.ToString() });
                    }
                }

                // make home folder on server

                // set permissions on folder, we loop this because if the program
                // tries to set the permissions straight away an exception will be
                // thrown as the brand new user does not seem to be available, it takes
                // a second or so for it to appear and it can then be used in ACLs
                // and set as the owner
                /*bool folderCreated = false;

                while (!folderCreated)
                {
                    try
                    {
                        // get current ACL
                        DirectoryInfo dInfo = new DirectoryInfo(homeDir);
                        DirectorySecurity dSecurity = dInfo.GetAccessControl();

                        // Add full control for the user and set owner to them
                        IdentityReference newUser = new NTAccount(domain + @"\" + username);
                        FileSystemAccessRule permissions = new FileSystemAccessRule(newUser, FileSystemRights.FullControl, AccessControlType.Allow);

                        // Set the new access settings.
                        folderCreated = true;
                    }
                    catch (System.Security.Principal.IdentityNotMappedException)
                    {
                    }
                    catch (Exception ex)
                    {
                        // other exception caught so not problem with user delay as
                        // commented above
                        Console.WriteLine("Exception caught:" + ex.ToString());
                        return 0;
                    }
                }*/

                return 1;
            }
            catch (Exception ex)
            {
                MessageBox.Show("Exception caught: " + ex.ToString(), "Criar Cliente");

                return 0;
            }
        }

The account is created, but when this line executes:

objUser.Invoke("SetPassword", password);

I get the error shown above and it stops here; it no longer executes the rest of the commands...


I am using code that I found on the internet, with which the account is created and I get no error:

using System;
using System.Text;
using System.DirectoryServices;
using System.IO;
using System.Security.AccessControl;
using System.Security.Principal;
using System.DirectoryServices.Protocols;
using System.DirectoryServices.AccountManagement;

namespace activeDirectoryLdapExamples
{
    class Program
    {
        static void Main(string[] args)
        {
            // connect to LDAP
            //DirectoryEntry myLdapConnection = createDirectoryEntry();

            // define vars for user
            String domain = "vm.pap";
            String first = "First name";
            String last = "Last name";
            String description = ".NET Test";
            String password = "xpto001!";
            String[] groups = { "gr_membros" };
            //String username = first.ToLower() + last.Substring(0, 1).ToLower();
            String username = "charparodar";
            String email = "[email protected]";
            String homeDrive = "H:";
            String homeDir = @"\\vm.pap\data3\USERS\" + username;

            // create user
            try
            {
                if (createUser(domain, first, last, description, password, groups, username, email, homeDrive, homeDir, true) == 0)
                    Console.WriteLine("Account created!");
                else
                    Console.WriteLine("Problem creating account :(");
            }
            catch (Exception e)
            {
                Console.WriteLine("Exception caught:\n\n" + e.ToString());
            }
        }

        static int createUser(String domain, String first, String last, String description, String password, String[] groups, String username, String email, String homeDrive, String homeDir, bool enabled)
        {
            // create new user object and write into AD
            //DirectoryEntry user = myLdapConnection.Children.Add("OU=" + first + ",OU= " + last, "user");
            //DirectoryEntry user = myLdapConnection.Children.Add("CN=" + first + " " + last, "user");
            DirectoryEntry user = new DirectoryEntry("LDAP://vmpap/OU=Membros,OU=Utilizadores,DC=vm,DC=pap", "Administrator", "xpto001!");

            // User name (domain based)
            //user.Properties["userprincipalname"].Add(username + "@" + domain);
            //user.Invoke("Add", new object[] { username + "@" + domain });
            //user.Invoke("Add", new object[] { "[email protected]" });
            DirectoryEntry objUser = user.Children.Add("CN=charparodar","user");

            // User name
            objUser.Properties["userPrincipalName"].Add(username + "@" + domain);

            // User name (older systems)

            // Surname

            // Forename

            // Display name
            objUser.Properties["displayname"].Add(first + " " + last);

            // Description

            // E-mail

            // Home dir (drive letter)

            // Home dir (path)

            // write the new object to the directory; it must exist there
            // before SetPassword can be invoked on it
            objUser.CommitChanges();

            // set user's password
            objUser.Invoke("SetPassword", password);

            // enable account if requested (see for other codes)
            if (enabled)
            {
                objUser.Invoke("Put", new object[] { "userAccountControl", "512" });
            }

            // persist the attributes set after the first commit
            objUser.CommitChanges();

            // add user to specified groups
            foreach (String thisGroup in groups)
            {
                DirectoryEntry newGroup = objUser.Parent.Children.Find("CN=" + thisGroup, "group");

                if (newGroup != null)
                {
                    newGroup.Invoke("Add", new object[] { objUser.Path.ToString() });
                }
            }

            // make home folder on server

            // set permissions on folder, we loop this because if the program
            // tries to set the permissions straight away an exception will be
            // thrown as the brand new user does not seem to be available, it takes
            // a second or so for it to appear and it can then be used in ACLs
            // and set as the owner
            /*bool folderCreated = false;

            while (!folderCreated)
            {
                try
                {
                    // get current ACL
                    DirectoryInfo dInfo = new DirectoryInfo(homeDir);
                    DirectorySecurity dSecurity = dInfo.GetAccessControl();

                    // Add full control for the user and set owner to them
                    IdentityReference newUser = new NTAccount(domain + @"\" + username);
                    FileSystemAccessRule permissions = new FileSystemAccessRule(newUser, FileSystemRights.FullControl, AccessControlType.Allow);

                    // Set the new access settings.
                    folderCreated = true;
                }
                catch (System.Security.Principal.IdentityNotMappedException)
                {
                }
                catch (Exception ex)
                {
                    // other exception caught so not problem with user delay as
                    // commented above
                    Console.WriteLine("Exception caught:" + ex.ToString());
                    return 1;
                }
            }*/

            return 0;
        }

        static DirectoryEntry createDirectoryEntry()
        {
            // create and return new LDAP connection with desired settings
            DirectoryEntry ldapConnection = new DirectoryEntry("vm.pap");
            ldapConnection.Path = "LDAP://,DC=vm,DC=pap";
            ldapConnection.AuthenticationType = AuthenticationTypes.Secure;
            return ldapConnection;
        }
    }
}

Does anyone know how to solve this problem?


The Active Directory server is the same one, running on Windows Server 2012 R2.
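
The account-creation steps from the post above, written against System.DirectoryServices.AccountManagement (a namespace the second listing already imports). This is an added example, not code from the thread and not offered as the cause of the RPC error: it binds with the identity of the running process over a signed and sealed connection and prompts for the new password, so no Administrator password sits in the source. The domain, OU, user and group names are the ones in the thread; the class and method names are hypothetical, and it assumes the process runs under an account allowed to create users in that OU.

```csharp
using System;
using System.DirectoryServices.AccountManagement;

static class CreateUserExample // hypothetical class name, not from the thread
{
    // Domain and OU as they appear in the thread.
    const string Domain = "vm.pap";
    const string Container = "OU=Membros,OU=Utilizadores,DC=vm,DC=pap";

    static void CreateUser(string username, string first, string last,
                           string password, string[] groups)
    {
        // No user name or password is passed, so the bind uses the identity of
        // the running process; Signing and Sealing protect the LDAP traffic.
        var options = ContextOptions.Negotiate | ContextOptions.Signing | ContextOptions.Sealing;
        using (var ctx = new PrincipalContext(ContextType.Domain, Domain, Container, options))
        using (var user = new UserPrincipal(ctx))
        {
            user.Name = username;                       // CN of the new object
            user.SamAccountName = username;
            user.UserPrincipalName = username + "@" + Domain;
            user.GivenName = first;
            user.Surname = last;
            user.DisplayName = first + " " + last;
            user.SetPassword(password);                 // applied when Save() runs
            user.Enabled = true;
            user.Save();

            foreach (string name in groups)
            {
                // Looks the group up inside the same OU, as the thread's code does.
                using (var group = GroupPrincipal.FindByIdentity(ctx, IdentityType.Name, name))
                {
                    if (group == null) continue;        // group not found in this OU
                    group.Members.Add(user);
                    group.Save();
                }
            }
        }
    }

    static void Main()
    {
        Console.Write("Password for the new account: ");
        string password = Console.ReadLine();           // prompted, not a literal in source
        CreateUser("charparodar", "First name", "Last name", password, new[] { "gr_membros" });
        Console.WriteLine("Account created.");
    }
}
```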



Wouldn't it be easier to do everything in PHP?

1 minute ago, Kajo ✌ said:

Wouldn't it be easier to do everything in PHP?


My project is to build management software for a LAN house, in which the accounts that customers use on the computers will be created by the C# program, which will only be in the physical shop, while PHP will make it possible to pay invoices and so on...


And besides that, I have already presented the pre-project for the PAP, so it is already known what I am going to do. Everything was going well, but when I use the code in my program it gives an error there...

I understand almost nothing about C#, which is why I told you that doing everything in PHP would be easier.

Just now, Kajo ✌ said:

I understand almost nothing about C#, which is why I told you that doing everything in PHP would be easier.


The login on the PHP site will also be done against Active Directory

