Re: Adding users to active directory

["Kurt D. Zeilenga" <Kurt@OpenLDAP.org>]

Your question is not specific to OpenLDAP Software.  Please
take it to an MS AD forum.  Thanks, Kurt

At 09:17 PM 3/23/2004, Matthew Smith wrote:
>I have managed to get open ldap to connect to connect to my AD using 
>python-ldap, thanks for the help on that...
>
>I can change passwords, delete and modify users with no problems, but adding 
>new users is turning out to be a bit trickier. When I attempt to add one, AD 
>returns the following:
>
>0000209A: SvcErr: DSID-031A0929, problem 5003 (WILL_NOT_PERFORM), data 0, DSA 
>is unwilling to perform
>
>Not very helpful as error messages go :)
>
>I believe my problem is correctly creating the data for each attribute, eg (a 
>user I created through active directory):
>
>dn: CN=getbusi,CN=Users,DC=testing,DC=com
>accountExpires: 9223372036854775807
>badPasswordTime: 0
>badPwdCount: 0
>codePage: 0
>cn: getbusi
>countryCode: 0
>displayName: getbusi
>givenName: getbusi
>instanceType: 4
>lastLogoff: 0
>lastLogon: 0
>logonCount: 0
>distinguishedName: CN=getbusi,CN=Users,DC=testing,DC=com
>objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=testing,DC=com
>objectClass: top
>objectClass: person
>objectClass: organizationalPerson
>objectClass: user
>objectGUID:: F+ocYTvtdUeLTBaaFl0jog==
>objectSid:: AQUAAAAAAAUVAAAAilpBYCfH9W1DFwoyVAQAAA==
>primaryGroupID: 513
>pwdLastSet: 127245658627812500
>name: getbusi
>sAMAccountName: getbusi
>sAMAccountType: 805306368
>userAccountControl: 66048
>userPrincipalName: getbusi@testing.com
>uSNChanged: 2992
>uSNCreated: 2988
>whenChanged: 20040324013742.0Z
>whenCreated: 20040324013742.0Z
>
>Does anyone have any experiance with this? I don't know what attributes are 
>important and what I can safely ignore...
>
>Thanks
>
>Matt Smith