Error 1045 Operation is not Allowed on RDN

Wilson WindowWare Tech Support

WinBatch WinBatch+Compiler WebBatch
Home | Tech Database | Tech BBS | White Papers | Purchase

Error 1045: Operation is not Allowed on RDN
Keywords: 	 Error 1045: Operation is not allowed on RDN
Question:
I'm trying to change the 'cn' attribute and the 'name' attribute of a user using the adsi extender. Here's my code, followed by the error I get:
;**** snip **** AddExtender("WWADS34I.DLL") server="servername" uid="twist" firstname="twisted" lastname="crust" sAdsiPath = "LDAP://%servername%/CN=users,DC=countyconcrete,DC=com" sAdsiPath= dsFindPath(sAdsiPath, "sAMAccountName=%uid%") dsSetProperty(sAdsiPath, "name", "%firstname% %lastname%") dsSetProperty(sAdsiPath, "cn", "%firstname% %lastname%"); ;**** end snip ****
Error 1045: Operation is not allowed on RDN.
It's failing on the dsSetProperty line for either the 'cn' or 'name' attribute.
I can successfully change attributes like 'givenName' without a problem. I think it might have something to do with the adsi path. Any suggestions?
Answer:
The line:
dsSetProperty(sAdsiPath, "cn", "%firstname% %lastname%")
is failing. The Relative Distinguished Name(RDN) is the "cn" property of a user and you can not reset this property. If you really want to change the "cn", you could create a new object with the desired "cn". You would then have to copy all of the relevant properties for the original object to the new object and then delete the original object.
Article ID:   W15037