AD COM Exception in Windows 2003 Server 

Tags: .NET, MOSS, Windows 2003

I was recently developing an account provisioning capability based on the ActiveDirectoryMembershipProvider which shipped with the .NET 2.0 Framework. On my development machine I noticed that on random occasion I would get an exception thrown, but assumed it was something unique to my local machine since I was not seeing the same issue in our Testing and Integration environment. Testing occurred and the code was approved to be deployed to our new High Availability Environment, fortunately not yet in live use.

   

While testing the provisioning code I noticed that I could approve one account, but then all following requests would have a COM Exception thrown. The next day I would try again and the first account would create, but following attempts would fail. I researched the internet to no avail and finally leveraged the Microsoft Support Contract we had. Amazingly I was only the second person to report this error to Microsoft and they DO NOT have a Hot-Fix for the issue, however it is resolved in Windows Server 2008.

   

Error StackTrace

One or more input parameters are invalid

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

   

Exception Details: System.Runtime.InteropServices.COMException: One or more input parameters are invalid

   

   

Source Error:

   

   

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:

   

   


[COMException (0x80005008): One or more input parameters are invalid]

[TargetInvocationException: Exception has been thrown by the target of an invocation.]
System.DirectoryServices.DirectoryEntry.Invoke(String methodName, Object[] args) +221
System.Web.Security.ActiveDirectoryMembershipProvider.CreateUser(String username, String password, String email, String passwordQuestion, String passwordAnswer, Boolean isApproved, Object providerUserKey, MembershipCreateStatus& status) +2461
ADAccountCreator.CustomADMembershipProvider.CreateUser(String username, String password, String email, String passwordQuestion, String passwordAnswer, Boolean isApproved, Object providerUserKey, MembershipCreateStatus& status) +121
System.Web.Security.Membership.CreateUser(String username, String password, String email, String passwordQuestion, String passwordAnswer, Boolean isApproved, Object providerUserKey, MembershipCreateStatus& status) +224
System.Web.Security.Membership.CreateUser(String username, String password, String email) +30
ADAccountCreator.ADAccountCreatorActivity.ManuallyCreateAccount(String username, String password, String email) +43
HarmonieWebAccountRegistration.HarmonieWebAccountCreator.ManuallyProvisionAccount(String username, String password, String email, Hashtable additionalProperties) +280
HarmonieWebAccountRegistration.AccountRegistrationApproval.HandleItemCommand(Object source, DataGridCommandEventArgs e) +1172
System.Web.UI.WebControls.DataGrid.OnItemCommand(DataGridCommandEventArgs e) +105
System.Web.UI.WebControls.DataGrid.OnBubbleEvent(Object source, EventArgs e) +77
System.Web.UI.Control.RaiseBubbleEvent(Object source, EventArgs args) +35
System.Web.UI.WebControls.DataGridItem.OnBubbleEvent(Object source, EventArgs e) +117
System.Web.UI.Control.RaiseBubbleEvent(Object source, EventArgs args) +35
System.Web.UI.WebControls.Button.OnCommand(CommandEventArgs e) +115
System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument) +163
System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument) +7
System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument) +11
System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData) +33
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +1746


Version Information: Microsoft .NET Framework Version:2.0.50727.1433; ASP.NET Version:2.0.50727.1433

   

Microsoft reported that they had no Hot Fix and no work arounds, but they know the issue is in the ADSI module of ALL Windows 2003 Server Oss.

   

After talking with some of our Very Senior, experience not age, personnel one of them told me he had seen the issue and if I captured the COMException from the SetPassword call that all would be fine. So I overloaded the ActiveDirectoryMembershipProvider's CreateUser fuciton and caught the COMException when we set the password. Amazingly enough it worked, and the password was set as expected. We reported this back to Microsoft, and seemed to amaze them as well. So here is the code snippet to allow you to create AD users:
 

DirectoryEntry newUser = directoryEntry.Children.Add("CN=" + username, "user");

try

{

newUser.Properties["samAccountName"].Value = username;

newUser.Properties["userPrincipalName"].Value = username + "@domain.local";

newUser.Properties["mail"].Value = email;

newUser.CommitChanges();

oGUID = newUser.Guid.ToString();

   

try

{

newUser.Invoke("SetPassword", new object[] { password });

newUser.CommitChanges();

}

catch (DirectoryServicesCOMException ex) //Handle COM Exception

{

//Log the exception

}

}

finally

{

if(newUser != null)

{

newUser.Close();

newUser.Dispose();

}

}

   

Also significant is that we do not just rely on the Dispose method of our newUser DirectoryEntry object. MS reports that the Dispose is actually from the Component base class and does not perform a close.

 
Posted by David McWee on 13-May-08
0 Comments  |  Trackback Url  |  Link to this post | Bookmark this post with:        
 
Name:
URL:
Email:
Comments: