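/// <summary>
/// Helper method that creates an Active Directory user account for a sample system user
/// when no account with the given sAMAccountName exists yet.
/// </summary>
/// <remarks>
/// A newly created account gets its password set and its "account disabled" flag cleared.
/// An account that already exists is left untouched: neither its password nor its
/// enabled state is modified, so a name collision cannot overwrite existing credentials.
/// </remarks>
/// <param name="userName">The username field as set in Microsoft Dynamics CRM. It is
/// escaped before being placed in the LDAP search filter and in the new entry's name.</param>
/// <param name="firstName">The first name stored on the new account (givenName)</param>
/// <param name="lastName">The last name stored on the new account (sn)</param>
/// <param name="serviceProxy">The OrganizationServiceProxy object to your Microsoft
/// Dynamics CRM environment. Its Windows client credential, when present, is used to
/// bind to the directory.</param>
/// <param name="ldapPath">The LDAP path for your network - you can either call
/// ConsolePromptForLDAPPath() to prompt the user or provide a value in code. When null or
/// empty on entry, the prompted value is written back through this ref parameter.</param>
/// <returns>Return true if new account is created or return false if account already exist.</returns>
/// <exception cref="InvalidOperationException">The service proxy authenticates with LiveId
/// or OnlineFederation (Microsoft Dynamics CRM Online).</exception>
/// <exception cref="ArgumentException">userName is null or empty, or no LDAP path was
/// provided or entered at the prompt.</exception>
public static Boolean CreateADAccount(String userName, String firstName, String lastName,
    OrganizationServiceProxy serviceProxy, ref String ldapPath)
{
    // Check to make sure this is not Microsoft Dynamics CRM Online.
    if (serviceProxy.ServiceConfiguration.AuthenticationType == AuthenticationProviderType.LiveId ||
        serviceProxy.ServiceConfiguration.AuthenticationType == AuthenticationProviderType.OnlineFederation)
    {
        // InvalidOperationException derives from Exception, so existing catch blocks still match.
        throw new InvalidOperationException(String.Format("To run this sample, {0} {1} must be an active system user " +
            "\nin your Microsoft Dynamics CRM Online organization.", firstName, lastName));
    }

    // An empty name would produce a malformed filter and an entry without a usable name.
    if (String.IsNullOrEmpty(userName))
    {
        throw new ArgumentException("Required argument userName was not provided.", "userName");
    }

    if (String.IsNullOrEmpty(ldapPath))
    {
        ldapPath = SystemUserProvider.ConsolePromptForLDAPPath();
    }

    // Create an Active Directory user account if it doesn't exist already.
    if (String.IsNullOrEmpty(ldapPath))
    {
        throw new ArgumentException("Required argument ldapPath was not provided.");
    }

    // Bind with the proxy's Windows credential when one is configured; otherwise bind
    // as the current security context.
    DirectoryEntry directoryEntry;
    if (serviceProxy.ClientCredentials.Windows != null)
    {
        string LUser = serviceProxy.ClientCredentials.Windows.ClientCredential.UserName;
        string LPwd = serviceProxy.ClientCredentials.Windows.ClientCredential.Password;
        directoryEntry = new DirectoryEntry(ldapPath, LUser, LPwd);
    }
    else
    {
        directoryEntry = new DirectoryEntry(ldapPath);
    }

    // The using blocks release the directory handles on every exit path, including
    // exceptions, and guarantee that no entry is touched after it has been released.
    using (directoryEntry)
    using (DirectorySearcher search = new DirectorySearcher(directoryEntry))
    {
        // Search AD to see if the user already exists. The name is escaped so that
        // characters such as '*', '(' and ')' are matched literally and cannot change
        // the shape of the filter.
        search.Filter = String.Format("(sAMAccountName={0})", EscapeLdapFilterValue(userName));
        search.PropertiesToLoad.Add("samaccountname");
        search.PropertiesToLoad.Add("givenname");
        search.PropertiesToLoad.Add("sn");
        search.PropertiesToLoad.Add("cn");

        SearchResult result = search.FindOne();
        if (result != null)
        {
            // Use the existing AD account as it is. Its password and enabled state
            // belong to whoever owns that account and are deliberately not modified.
            return false;
        }

        // Create the Active Directory account. The name is escaped so that separators
        // such as ',' and '=' cannot add or alter components of the new entry's name.
        using (DirectoryEntry userADAccount =
            directoryEntry.Children.Add("CN= " + EscapeLdapRdnValue(userName), "user"))
        {
            userADAccount.Properties["samAccountName"].Value = userName;
            userADAccount.Properties["givenName"].Value = firstName;
            userADAccount.Properties["sn"].Value = lastName;
            userADAccount.CommitChanges();

            // Set the password for the account.
            // NOTE(review): this is a hard-coded literal shared by every account created
            // here. Supply a per-account secret from a protected source (or a generated
            // random value) before using this outside a disposable lab domain.
            String password = "******";
            userADAccount.Invoke("SetPassword", new object[] { password });
            userADAccount.CommitChanges();

            // Enable the newly created Active Directory account by clearing the
            // ACCOUNTDISABLE bit (0x2) of userAccountControl.
            userADAccount.Properties["userAccountControl"].Value =
                (int)userADAccount.Properties["userAccountControl"].Value & ~0x2;
            userADAccount.CommitChanges();
        }
    }

    // Wait 10 seconds for the AD account to propagate.
    Thread.Sleep(10000);
    return true;
}

/// <summary>
/// Escapes a value for use inside an LDAP search filter assertion (RFC 4515), so that
/// filter metacharacters are treated as literal characters.
/// </summary>
private static String EscapeLdapFilterValue(String value)
{
    System.Text.StringBuilder escaped = new System.Text.StringBuilder(value.Length);
    foreach (Char c in value)
    {
        switch (c)
        {
            case '\\':
                escaped.Append(@"\5c");
                break;
            case '*':
                escaped.Append(@"\2a");
                break;
            case '(':
                escaped.Append(@"\28");
                break;
            case ')':
                escaped.Append(@"\29");
                break;
            case '\0':
                escaped.Append(@"\00");
                break;
            default:
                escaped.Append(c);
                break;
        }
    }
    return escaped.ToString();
}

/// <summary>
/// Escapes a value for use as an attribute value in a relative distinguished name
/// (RFC 4514), additionally escaping '/', which ADSI treats as a path separator.
/// </summary>
private static String EscapeLdapRdnValue(String value)
{
    System.Text.StringBuilder escaped = new System.Text.StringBuilder(value.Length);
    for (int i = 0; i < value.Length; i++)
    {
        Char c = value[i];
        Boolean isFirst = (i == 0);
        Boolean isLast = (i == value.Length - 1);
        switch (c)
        {
            case ',':
            case '+':
            case '"':
            case '\\':
            case '<':
            case '>':
            case ';':
            case '=':
            case '/':
                escaped.Append('\\').Append(c);
                break;
            case '#':
                // '#' is only special as the first character of the value.
                if (isFirst)
                {
                    escaped.Append('\\');
                }
                escaped.Append(c);
                break;
            case ' ':
                // Spaces are only special at the start or end of the value.
                if (isFirst || isLast)
                {
                    escaped.Append('\\');
                }
                escaped.Append(c);
                break;
            case '\0':
                escaped.Append(@"\00");
                break;
            default:
                escaped.Append(c);
                break;
        }
    }
    return escaped.ToString();
}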