Closed bapthbrt closed 5 years ago
Hi Bapthbrt,
Can you share the codes for how to update that property of the object please. Many thanks. I try to do it without a success.
dn="ou=org,ou=Services,dc=mydomain,dc=com" ou = pyad.adcontainer.ADContainer.from_dn(dn) computer=ou.create_computer("test2")
computer.set_user_account_control_setting('WORKSTATION_TRUST_ACCOUNT',True) Traceback (most recent call last): File "
", line 1, in File "C:\ProgramData\Anaconda3\lib\site-packages\pyad\adobject.py", line 380, in set_user_account_control_setting self.update_attribute('userAccountControl',nv) File "C:\ProgramData\Anaconda3\lib\site-packages\pyad\adobject.py", line 321, in update_attribute self._flush() File "C:\ProgramData\Anaconda3\lib\site-packages\pyad\adobject.py", line 206, in _flush return self._ldap_adsi_obj.SetInfo() File "<COMObject >", line 2, in SetInfo pywintypes.com_error: (-2147352567, 'Exception occurred.', (0, 'Active Directory ', 'A device attached to the system is not functioning.\r\n', None, 0, -21470248 65), None)
It works after "adcontainer.py" is tuned in the function "create_computer".
It works after "adcontainer.py" is tuned in the function "create_computer".
I'm sorry, I didn't get that. Could you please explain?
dn="ou=org,ou=Services,dc=mydomain,dc=com" ou = pyad.adcontainer.ADContainer.from_dn(dn) computer=ou.create_computer("test2")
More like that: dn="ou=org,ou=Services,dc=mydomain,dc=com" ou = pyad.adcontainer.ADContainer.from_dn(dn) computer=ADComputer.create("test2", ou)
ADComputer is inherited from ADContainer
There is an issue when you try to create a computer object in Active Directory domain. It came to me when I tried to find the object I just create with dsa console. I was not able to find it unless I go in the OU container to find it manually. Then, the join domain operation failed on my server saying that there were no target object in the domain.
So, I looked closely in the object property and it seemed that the object was declared as computer but had the properties of a user (default group "Domain users" or SAMAccountType "805306368").
I finally found a technet article and this blog page explaining the issue and how to solve it. It is basically by design as a computer object is a derivation of a user object. To create correctly a computer object, you need to set the UserAccountControl property of the object with the correct value for a computer (it is by default for a user).