Windows Server - "The server is unwilling to process the request. (Exception from HRESULT: 0x80072035)"

Asked By dgender on 16-Jul-08 09:42 PM
Hi,
I've written script using vb.net that will read objects from AD, and
sync them with my ADAM instance.  I'm using the polling mechanism and
pointing always to the same DC, by checking usncreated against
hightestUSN on that DC I will add user/group/wks objects.
This is working fine, however I run into issue with creation some
users (all users are created as class userproxy)
I get following error message:

HRESULT: 0x80072035)"
If I create the same user as class "user" it works.  I've tried to
remove all additional attributes and only have dn, ObjectSID still get
same error.
The error occurs when I'm trying to do "commit.changes"
snippet from code:
Dim dom As New DirectoryEntry("LDAP://" & strADAM,
Dim user As DirectoryEntry =3D dom.Children.Add("CN=3D" &
strUserNameCN, "userproxy")
user.Properties("objectSID").Add(GetUserSID(userDN))
'user.Properties("employeeNumber").Value =3D
strEmployeeID.ToString
'user.Properties("displayName").Value =3D
strDisplayName.ToString
'user.Properties("co").Value =3D strCountry.ToString
'user.Properties("physicalDeliveryOfficeName").Value =3D
strOffice.ToString
'user.Properties("telephoneNumber").Value =3D
strTelephone.ToString

' Commit the new user to the directory.
user.CommitChanges()                 =84=BB When doing this
call the error occurs.

I've managed to create around 100,000 user objects, 100+ groups and
30,000 workstation objects.  The error seems to occur for 10-20 users
(always the same users).  If I compare these users against other users
I cannot see any differences.

Any ideas suggestions are appreciated




Joe Kaplan replied on 14-Jul-08 02:41 PM
Are you sure you aren't accidentally trying to create a proxy for a SID that
already exists in ADAM?

Note that you probably will have better results using DirSync rather than
usnChanged polling or perhaps just using ADAMSync directly instead of
writing your own thing here. That might not work if there is something
special about your application where you can't do that, but usually those
approaches work better.

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
Hi,
I've written script using vb.net that will read objects from AD, and
sync them with my ADAM instance.  I'm using the polling mechanism and
pointing always to the same DC, by checking usncreated against
hightestUSN on that DC I will add user/group/wks objects.
This is working fine, however I run into issue with creation some
users (all users are created as class userproxy)
I get following error message:

HRESULT: 0x80072035)"
If I create the same user as class "user" it works.  I've tried to
remove all additional attributes and only have dn, ObjectSID still get
same error.
The error occurs when I'm trying to do "commit.changes"
snippet from code:
Dim dom As New DirectoryEntry("LDAP://" & strADAM,
Dim user As DirectoryEntry = dom.Children.Add("CN=" &
strUserNameCN, "userproxy")
user.Properties("objectSID").Add(GetUserSID(userDN))
'user.Properties("employeeNumber").Value =
strEmployeeID.ToString
'user.Properties("displayName").Value =
strDisplayName.ToString
'user.Properties("co").Value = strCountry.ToString
'user.Properties("physicalDeliveryOfficeName").Value =
strOffice.ToString
'user.Properties("telephoneNumber").Value =
strTelephone.ToString

' Commit the new user to the directory.
user.CommitChanges()                 „» When doing this
call the error occurs.

I've managed to create around 100,000 user objects, 100+ groups and
30,000 workstation objects.  The error seems to occur for 10-20 users
(always the same users).  If I compare these users against other users
I cannot see any differences.

Any ideas suggestions are appreciated
dgender replied on 16-Jul-08 09:42 PM
On 14 jul, 20:41, "Joe Kaplan"
hat
g"http://www.directoryprogramming.net
strADAM,
en.Add("CN=3D" &
ID(userDN))
=3D
ry.ToString
ame").Value =3D
=3D
=A0 =A0 =A0 =84=BB When doing this

Joe,

The issue indeed was caused by adding objects for which already SID
existed in ADAM.  Most likely object that was renamed.  I will do
lookup first to see if SID exist and then either update existing user,
or delete user and re-create using new name and attributes, group
memberships.

Thx for quick response.