Home/ Questions/Q 7502667
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-29T20:57:08+00:00

I’m working on upgrading a solution in VB.NET that is heavily based on Active

  • 0

I’m working on upgrading a solution in VB.NET that is heavily based on Active Directory. As of now, I’m trying to add a PC restriction to a new AD User upon user creation. Essentially, I need to update the Logon To attribute to include 1 or more PCs, how do I go about doing this?

I learned that I am interested in the IADsUser property “LoginWorkstations” (thanks to http://msdn.microsoft.com/en-us/library/Aa746340). As of now, I have code that can fetch this attribute from any AD user, but I cannot set it.

Here is the code I have to fetch the attribute:

Dim userADObject As new DirectoryEntry(ADPath)
Dim logonToPC as String = userADObject.InvokeGet("LoginWorkstations")(0).ToString

That will fetch the first restricted PC (if there is one) and save it in logonToPC and will look something like “PC10000

That works great, so intuitively I would assume something like this would work:

Dim userADObject As new DirectoryEntry(ADPath)
Dim args() As Object = {"PC100001"}
userADObject.InvokeSet("LoginWorkstations", args)

But it doesn’t work… It just throws a rather unhelpful exception.

I’ve tried testing this approach with a different attribute and it works just fine. Not much out there on Google either unfortunately…

Any help would be greatly appreciated.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Found the solution that works. I took marc_s’s code and modified a bit to work properly. here’s what I have:

    Dim userADObject As New DirectoryEntry(Me.ADPath)
'Grab the previous restriction, because we may have to clear it first in the future
Dim priorRestriction As String = userADObject.Properties("userWorkstations").Value

If priorRestriction = "" Then
     'Simply add
     userADObject.Properties("userWorkstations").Add("PC001,PC002")
Else
     'Important - We have to clear the old restriction before adding the new
     userADObject.Properties("userWorkstations").Remove(priorRestriction)
     'Now add the new restriction
     userADObject.Properties("userWorkstations").Add(priorRestriction & ",PC003")
End If
'Commit!
userADObject.CommitChanges()

    Something that gave me some pretty good grief what that I you can’t have a space in the string being added. Example: .Add("PC001, PC002") has to be .Add("PC001,PC002")

    • 0