Hi ,
I am getting above exception while adding user to AD group.We are suddenly getting this exception in the Server.
We are using System.DirectoryServices.AccountManagement library for adding user to the AD group.
group.Members.Add(pc, IdentityType.SamAccountName, userId);
group.Save(); -----> Access Denied Exception .
Details Exception :
at System.DirectoryServices.Interop.UnsafeNativeMethods.IAds.SetInfo()
at System.DirectoryServices.DirectoryEntry.CommitChanges()
at System.DirectoryServices.AccountManagement.ADStoreCtx.UpdateGroupMembership(Principal group, DirectoryEntry de,
More information:
-------------------
- Our AD Admin Team removed the Native Access Feature.
- Authenticate user ,Searching user and Ad group using below methods is working fine but above feature is not working
UserPrincipal user = UserPrincipal.FindByIdentity(Objprincepalcontext, userId);
GroupPrincipal group = GroupPrincipal.FindByIdentity(Objprincepalcontext, groupName);
- To add user to the group i am using Account which is secondary owner of the distribution List.Using this account we are able add user through Active Roles site.
I have tried below way to fix but no luck
- Impersonation in the Web.config
- Giving Full Access to Drive and folder in IIS
- Tried by installing quest management tool for ARS SDK 7.0
I am using .NET 4.5, Active Directory 2008, IIS7
Please help me fixing this issue ASAP.