这个异常的原因是LDAP的path没有写正确 应该是域名的问题
System.DirectoryServices.DirectoryServicesCOMException was caught
Message=从服务器返回了一个参照。
Source=System.DirectoryServices
ErrorCode=-2147016661
ExtendedError=8235
ExtendedErrorMessage=0000202B: RefErr: DSID-031006E0, data 0, 1 access points
ref 1: 'bdxy'
StackTrace:
at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
at System.DirectoryServices.DirectoryEntry.Bind()
at System.DirectoryServices.DirectoryEntry.RefreshCache()
at System.DirectoryServices.DirectoryEntry.FillCache(String propertyName)
at System.DirectoryServices.PropertyCollection.KeysCollection.GetEnumerator()
at WFAOPAD.ADForm.AccsesAD(String path, String account, String pwd) in D:/我的文档/Visual Studio 2010/Projects/wfaAD/WFAOPAD/ADForm.cs:line 30
InnerException:
这个异常原因是LDAP的path没有写正确 应该是DN的问题
System.Runtime.InteropServices.COMException was caught
Message=Unknown error (0x80005000)
Source=System.DirectoryServices
ErrorCode=-2147463168
StackTrace:
at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
at System.DirectoryServices.DirectoryEntry.Bind()
at System.DirectoryServices.DirectoryEntry.RefreshCache()
at System.DirectoryServices.DirectoryEntry.FillCache(String propertyName)
at System.DirectoryServices.PropertyCollection.KeysCollection.GetEnumerator()
at WFAOPAD.ADForm.AccsesAD(String path, String account, String pwd) in D:/我的文档/Visual Studio 2010/Projects/wfaAD/WFAOPAD/ADForm.cs:line 30
InnerException:
System.Reflection.TargetInvocationException was caught
Message=Exception has been thrown by the target of an invocation.
Source=System.DirectoryServices
StackTrace:
at System.DirectoryServices.DirectoryEntry.Invoke(String methodName, Object[] args)
at WFAOPAD.ADForm.AddADAccount(String path, String account, String password, String addUser, String addPwd) in D:/我的文档/Visual Studio 2010/Projects/wfaAD/WFAOPAD/ADForm.cs:line 183
InnerException: System.IO.FileNotFoundException
Message=文件名、目录名或卷标语法不正确。 (Exception from HRESULT: 0x8007007B)
Source=""
InnerException:
端口号 异常的问题 解决方案 不要ad默认端口号 我觉得调用的不是默认端口号
这个异常的问题是 LDAP访问的path不对
System.DirectoryServices.DirectoryServicesCOMException was unhandled
Message=在服务器上没有这样一个对象。 (Exception from HRESULT: 0x80072030)
Source=System.DirectoryServices
ErrorCode=-2147016656
ExtendedError=8333
ExtendedErrorMessage=0000208D: NameErr: DSID-031001CD, problem 2001 (NO_OBJECT), data 0, best match of:
'CN=Users,DC=bdxy,DC=com'
StackTrace:
at System.DirectoryServices.DirectoryEntries.Find(String name, String schemaClassName)
at WFAOPAD.ADForm.btnUse_Click(Object sender, EventArgs e) in D:/我的文档/Visual Studio 2010/Projects/wfaAD/WFAOPAD/ADForm.cs:line 230
at System.Windows.Forms.Control.OnClick(EventArgs e)
at System.Windows.Forms.Button.OnClick(EventArgs e)
at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)
at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)
at System.Windows.Forms.Control.WndProc(Message& m)
at System.Windows.Forms.ButtonBase.WndProc(Message& m)
at System.Windows.Forms.Button.WndProc(Message& m)
at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)
at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)
at System.Windows.Forms.NativeWindow.DebuggableCallback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)
at System.Windows.Forms.UnsafeNativeMethods.DispatchMessageW(MSG& msg)
at System.Windows.Forms.Application.ComponentManager.System.Windows.Forms.UnsafeNativeMethods.IMsoComponentManager.FPushMessageLoop(IntPtr dwComponentID, Int32 reason, Int32 pvLoopData)
at System.Windows.Forms.Application.ThreadContext.RunMessageLoopInner(Int32 reason, ApplicationContext context)
at System.Windows.Forms.Application.ThreadContext.RunMessageLoop(Int32 reason, ApplicationContext context)
at System.Windows.Forms.Application.Run(Form mainForm)
at WFAOPAD.Program.Main() in D:/我的文档/Visual Studio 2010/Projects/wfaAD/WFAOPAD/Program.cs:line 18
at System.AppDomain._nExecuteAssembly(RuntimeAssembly assembly, String[] args)
at System.AppDomain.ExecuteAssembly(String assemblyFile, Evidence assemblySecurity, String[] args)
at Microsoft.VisualStudio.HostingProcess.HostProc.RunUsersAssembly()
at System.Threading.ThreadHelper.ThreadStart_Context(Object state)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean ignoreSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Threading.ThreadHelper.ThreadStart()
InnerException:
重命名语法的问题
System.DirectoryServices.DirectoryServicesCOMException was caught
Message=指定了一个无效的 dn 语法。 (Exception from HRESULT: 0x80072032)
Source=System.DirectoryServices
ErrorCode=-2147016654
ExtendedError=8335
ExtendedErrorMessage=0000208F: NameErr: DSID-031001BA, problem 2006 (BAD_NAME), data 8350, best match of:
'123456,OU=net,OU=jskf,OU=bdxyxx,DC=bdxy,DC=com'
StackTrace:
at System.DirectoryServices.DirectoryEntry.MoveTo(DirectoryEntry newParent, String newName)
at System.DirectoryServices.DirectoryEntry.Rename(String newName)
at OperateADLibrary.OperateAD.RenameUser(String oldUserName, String newUserName) in D:/我的文档/Visual Studio 2010/Projects/wfaAD/OperateADLibrary/OperateAD.cs:line 117
InnerException:
密码不正确
System.Reflection.TargetInvocationException was caught
Message=Exception has been thrown by the target of an invocation.
Source=System.DirectoryServices
StackTrace:
at System.DirectoryServices.DirectoryEntry.Invoke(String methodName, Object[] args)
at OperateADLibrary.OperateAD.ChangePassword(String username, String oldpwd, String newpwd) in D:/我的文档/Visual Studio 2010/Projects/wfaAD/OperateADLibrary/OperateAD.cs:line 180
InnerException: System.Runtime.InteropServices.COMException
Message=指定的网络密码不正确。 (Exception from HRESULT: 0x80070056)
Source=""
ErrorCode=-2147024810
InnerException:
最后的一个总结是, 大部分的出错原因是LDAP的访问语法书写错误,而且很多的操作都在代码里体会就明白,和数据库的操作很类似。
用ldap方式访问AD域的的错误一般会如下格式:
LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 52e, vece
其中红字部分的意思如下:
525 - 用户没有找到
52e - 证书不正确
530 - not permitted to logon at this time
532 - 密码期满
533 - 帐户不可用
701 - 账户期满
773 - 用户必须重设密码