1

我正在尝试通过代码从 Active Directory 组中删除用户。得到有用的错误:

调用的目标已引发异常”

跟踪:堆栈跟踪:在 System.DirectoryServices.DirectoryEntry.Invoke(String methodName, Object[] args) at Active_Directory.RemoveUserFromGroup(String sInUserName, String sInGroupName) 在 C:\Documents and Settings\user\My Documents\Visual Studio 2010\ WebSites\appname\App_Code\Common\Active_Directory.vb:第 192 行

这是我的功能:

查看调用行:oGroup.Invoke("Remove", New Object() {oUser.Path})

Public Shared Sub RemoveUserFromGroup(ByVal sInUserName As String _
                                      , ByVal sInGroupName As String)
    Dim entry1 As DirectoryEntry
    Dim de As DirectoryEntry
    Dim deSearch As DirectorySearcher
    Dim results As SearchResult
    Dim comeon As String
    Dim oUser As DirectoryEntry
    Dim oGroup As DirectoryEntry
    Dim sr As SearchResult

    Try

        entry1 = New DirectoryEntry("LDAP://rootDSE")
        comeon = entry1.Properties("DefaultNamingContext").Item(0)
        de = New DirectoryEntry("LDAP://" & comeon)

        deSearch = New DirectorySearcher()
        deSearch.SearchRoot = de
        deSearch.Filter = "(sAMAccountName=" + sInUserName + ")"
        deSearch.PropertiesToLoad.Add("cn")
        sr = deSearch.FindOne()

        If sr Is Nothing Then
            oUser = Nothing
        Else
            oUser = sr.GetDirectoryEntry()
        End If

        deSearch.Dispose()
        deSearch = Nothing
        sr = Nothing

        If Not (oUser Is Nothing) Then

            deSearch = New DirectorySearcher()
            deSearch.SearchRoot = de
            deSearch.Filter = "(&(objectClass=group) (CN=" & sInGroupName & "))"
            deSearch.SearchScope = SearchScope.Subtree

            results = deSearch.FindOne()

            If results IsNot Nothing Then

                oGroup = results.GetDirectoryEntry()

                Try

                    oGroup.Invoke("Remove", New Object() {oUser.Path})
                    oGroup.CommitChanges()
                    oGroup.Close()

                Catch ex As Exception
                    Dim s As String
                    s = ex.ToString
                    s = ""
                End Try

            End If

            entry1.Dispose()
            de.Dispose()

            entry1 = Nothing
            de = Nothing
            deSearch = Nothing
            results = Nothing

        End If

        oUser.Close()

    Catch ex As Exception

        Dim myerror As New MyError
        myerror.showMeTheError(ex)

    End Try

End Sub
4

1 回答 1

3

您似乎做得非常复杂-不必要地这样做。

查看如何在 Active Directory CodeProject 文章中做几乎所有事情 - 很棒的东西。

这是从组(也由 DN 定义)中删除用户(由他的 DN 给出)所需的片段:

public void RemoveUserFromGroup(string userDn, string groupDn)
{
    try
    {
        DirectoryEntry dirEntry = new DirectoryEntry("LDAP://" + groupDn);
        dirEntry.Properties["member"].Remove(userDn);
        dirEntry.CommitChanges();
        dirEntry.Close();
    }
    catch (System.DirectoryServices.DirectoryServicesCOMException E)
    {
        //doSomething with E.Message.ToString();

    }
}

那对你有用吗??

于 2010-10-06T16:44:40.153 回答