Home/ Questions/Q 6920161
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-27T10:06:45+00:00

I am try to create extension of principal for organizationalUnit using this code below

  • 0

I am try to create extension of principal for organizationalUnit using this code below

[DirectoryRdnPrefix("OU")]
[DirectoryObjectClass("organizationalUnit")]
public class OrganizationalUnitPrincipal : Principal
{
    public OrganizationalUnitPrincipal(PrincipalContext Context_p)
    {
        PropertyInfo contextRaw = this.GetType().BaseType.GetProperty("ContextRaw",
            BindingFlags.Instance | BindingFlags.NonPublic);
        contextRaw.SetValue(this, Context_p, null);
    }
}

But it throws the following error:

System.ArgumentException: Persisted Principal objects cannot be used as query filters.

This error occurs when I try retrieve organizationalUnit attributes and properties.

Can this work or not?

I want to achieve the same as show on this page http://msdn.microsoft.com/en-us/site/bb384372

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    On the theorical point of view, I think that what you want to do has no sense. It’s explained in the article you point, but it’s not so clear. The concept of Principal is based on the Directory Schema wich discribe objects you can add to ActiveDirectory.

    The Principal, AuthenticablePrincipal, UserPrincipal, ComputerPrincipal, and GroupPrincipal classes can all be extended to create custom objects that extend the object model.

    But in LDAP in general and it’s the case in Active-Directory the class organizationalUnit is not a subclass of the user class, but just a subclass of the top class.

    In other words : on the conceptual point of view you can note that a Principal is kind of user (Yes in Microsoft point of view computers are users, they open sessions onto the domain like the users) and organizationalUnit is a kind of organizational box (like a directory in a file system), so the second one do not extent the first one.

    Edited

    Here is a subclass of DirectoryEntry that do what you want :

    class ClsOrganizationalUnit : DirectoryEntry
{
  private DirectoryEntry de;

  public string Description
  {
    get { return (string)de.Properties["description"][0]; }
    set { de.Properties["description"].Value = value;
          de.CommitChanges();
        }
  }

  public ClsOrganizationalUnit(string dn, string username, string password)
  {
    de = new DirectoryEntry(dn, username, password);
  }


}

class Program
{
  static void Main(string[] args)
  {
    ClsOrganizationalUnit ou = new ClsOrganizationalUnit("LDAP://192.168.183.100:389/ou=Monou,dc=dom,dc=fr", "jpb", "pwd");

    /* Set the attribute */
    ou.Description = "The description you want";
    Console.WriteLine("Here is your OU description : {0}", ou.Description);

    /* Remove the attribute */
    ou.Description = null;
  }
}
    • 0