通过 LDAP 创建 LDS 用户时“指定的目录对象未绑定到远程资源”

Posted

技术标签:

【中文标题】通过 LDAP 创建 LDS 用户时“指定的目录对象未绑定到远程资源”【英文标题】:"The specified directory object is not bound to a remote resource" when creating LDS user via LDAP 【发布时间】:2013-01-23 14:27:03 【问题描述】:

我正在通过 LDAP 和 VB.Net 访问 AD LDS,并且可以毫无问题地创建和组织组。但是,每当我尝试创建用户时,我都会收到上述错误 specified directory object is not bound to a remote resource. 我在 SO 上看到了一些类似的问题,但这些解决方案对我不起作用。运行以下三个代码块中的任何一个时,我都会遇到相同的错误:

使用 System.DirectoryServices:

Dim rootEntry As DirectoryEntry = GetRootEntry()
Dim user As DirectoryEntry
Dim user_cn As String = String.Format("CN=01", firstName.Substring(0, 1), lastName)
Dim hosp_ou As String = BuildHospitalCN(HospitalName, HospitalID, "OU=Critical_Access_Hospitals")
user = rootEntry.Children.Find("OU=Users").Children.Find("OU=Critical_Access_Hospitals").Children.Find(hosp_ou).Children.Add(user_cn, "user")
With user
    .Properties("sAMAccountName").Value = String.Format("01", firstName.Substring(0, 1), lastName)
    .Properties("givenName").Value = firstName
    .Properties("sn").Value = lastName
End With
user.CommitChanges()

使用 System.DirectoryServices.AccountManagement:

Dim ctx As New PrincipalContext(ContextType.Domain)
Dim user As New UserPrincipal(ctx, _
                              String.Format("01", firstName.Substring(0, 1), lastName), _
                              "password", _
                              True)
user.SamAccountName = String.Format("01", firstName.Substring(0, 1), lastName)
user.GivenName = firstName
user.Surname = lastName
user.ExpirePasswordNow()
user.Save()

使用我在网上找到的一个通过 LDAP 专门针对 AD LDS 的示例:

Dim objADAM As DirectoryEntry
Dim objUser As DirectoryEntry
Dim strDisplayName As String
Dim strPath As String
Dim strUser As String
Dim strUserPrincipalName As String

strPath = ConfigurationManager.AppSettings("LDAP_ROOT").ToString

objADAM = New DirectoryEntry(strPath, _
                             ConfigurationManager.AppSettings("LDAP_USER"), _
                             ConfigurationManager.AppSettings("LDAP_PASS"), _
                             AuthenticationTypes.None)
objADAM.RefreshCache()

strUser = String.Format("CN=01", firstName.Substring(0, 1), lastName)
strDisplayName = String.Format("0 1", firstName, lastName)
strUserPrincipalName = String.Format("01@example.com", firstName.Substring(0, 1), lastName)

objUser = objADAM.Children.Add(strUser, "user")
objUser.Properties("displayName").Add(strDisplayName)
objUser.Properties("userPrincipalName").Add(strUserPrincipalName)
objUser.CommitChanges()

任何帮助将不胜感激!

【问题讨论】:

【参考方案1】:

sAMAccountName 不是此 LDS 存储库中的有效属性。

【讨论】:

以上是关于通过 LDAP 创建 LDS 用户时“指定的目录对象未绑定到远程资源”的主要内容,如果未能解决你的问题,请参考以下文章

LDAP/AD认证

使用 UserPrincipal 类创建新的 AD-LDS 用户总是失败

通过 Spring security ldap 对用户进行身份验证时未授予任何权限错误

Spring Security Active Directory LDAP 身份验证错误

Zabbix对接LDAP实现用户统一登录

Zabbix对接LDAP实现用户统一登录