Home
Code 80072032 – An invalid dn syntax

Code 80072032 – An invalid dn syntax

September 25, 2005 No Comments Error Codes, Logon

Custom Search

Guy recommends :
Free – WMI Monitor

Free WMI Monitor Download

Get more ideas for your PowerShell scripts with SolarWinds’ WMI Monitor.

Free WMI Monitor Download

Funny computer jokes

Troubleshooting Code 80072032 – An invalid dn syntax

Introduction to Error Code 80072032

Code 80072032 occurs when you execute a VBScript with an invalid LDAP reference.  A common scenario is that you are creating user objects in Active Directory.  Another scenario is that you are adding members to a group with an inappropriate scope.Code 80072032 - An invalid dn syntax

The Symptoms You Get 80072032

A WSH message box pops-up and the script does not execute as you hoped.  One possibility is that you are using a WSCRIPT and you are missing a vital LDAP element in the script.

The Cause of Code 80072032

A clue to the problem lies in Error: line.  There is something wrong with the description of the object.  Most likely dn – distinguished name has not been properly specified, in this example, look for the LDAP reference in Line 13.  Although the scripts says Char: 1, it may not be the very first character, what its saying is that it cannot parse that line. Check LDAP here

See Also Group Scope problem

The Solution

On investigating line 13, you see that there is no ‘cn=’ in front of the name.  The script does not know how to interpret GuidoT.  In fact, GuidoT is the user’s name, so just correct the script to read: cn=GuidoT.

  ‡

Example 1 of Script for error 80072032

Note: The error is reported as Line 13, missing cn for example cn=GuidoT.

Note: Error 80072032 reports a dn (Distinguished name) error, whereas the code just needs a cn (common name).  In most cases it’s only one element of the dn that is incorrect (CN=GuidoT).

 


‘ VBScript.
‘ To create a user called Guido in an OU called Worcester
‘ Note the domain is cp.com.
Set objOU = GetObject("LDAP://OU=Worcester,dc=cp,dc=com")
Set objUser = objOU.Create("User", "cn=GuidoT")
objUser.Put "sAMAccountName", "GuidoT"
objUser.Put "givenName", "Guido"
objUser.Put "initials", "A.G."
objUser.Put "sn", "Thomas"
objUser.Put "displayName", "Guido Thomas"
objUser.SetInfo
Set objUser = GetObject _
("LDAP://GuidoT,OU=Worcester,dc=cp,dc=com")
objUser.AccountDisabled = FALSE
objUser.SetInfo

Guy Recommends:  SolarWinds’ Free Bulk Import ToolFree Download Solarwinds Bulk Import Tool

Import users from a spreadsheet.  Just provide a list of the users with their fields in the top row, and save as .csv file.  Then launch this FREE utility and match your fields with AD’s attributes, click and import the users.

Optionally, you can provide the name of the OU where the new accounts will be born. Download your FREE bulk import tool.

If you need more comprehensive software, download a free trial of SAM (Server & Application Monitor)

Example 2 of Script for error 80072032

The LDAP path should be CN=Doctors, not plain Doctors

So you need to add "CN=" & to this line:

Set objNewGroup = objOU.Create("Group", strNewGroup)

Set objNewGroup = objOU.Create("Group", "cn=" & strNewGroup)

Note: Once again error 80072032 reports a dn (Distinguished name) error, where as the code just needs a cn (common name).  The answer is that the one element of the dn is incorrect (CN=Doctors), however the whole dn LDAP path gets charged with error 80072032.

 

‘ CreateGroup.vbs
‘ Creates Group to add members.
‘ Version 2.3
‘ Guy Thomas 18th July 2010

Option Explicit

Dim objAD, objGroup, objNewGroup, objUser, objRootDSE
Dim objDomain, objOU ‘ Objects
Dim strGroup, strNewGroup, strPath, strUser
Dim strOU, strDNSDomain ‘ Strings

Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("DefaultNamingContext")
strOU ="OU=Droitwich,"

strPath ="LDAP://" & strOU & strDNSDomain
Set objOU = GetObject(strPath)

‘ 2) Create Global group. Edit the next line to your group name
strNewGroup ="Doctors"
WScript.Echo "Is this the group you intended? " & strNewGroup

‘ Remember to check strNewGroup
‘ We need On error… in case already exists
‘On Error Resume Next
Set objNewGroup = objOU.Create("Group", strNewGroup)
objNewGroup.Put "sAMAccountName", strNewGroup
objNewGroup.SetInfo
Wscript.Echo "Check ADUC " & strOU & " for " & strNewGroup

WSCript.Quit

‘ End of Script

Example 3 Group Scope Problem

Error 80072032 – The server is unwilling to process the request

This error occurred on a line where I was attempting to add a user to a group in a different domain within the same forest. I had forgot to change that group’s type to ‘domain local’ and received this error message (it was previously a global group, which does not allow members for remote domains).

Kindly sent in by Paula. 

Solarwinds Free WMI MonitorGuy Recommends: WMI Monitor and It’s Free!

Windows Management Instrumentation (WMI) is one of the hidden treasures of Microsoft operating systems.  Fortunately, SolarWinds have created the WMI Monitor so that you can examine these gems of performance information for free.  Take the guess work out of which WMI counters to use for applications like Microsoft Active Directory, SQL or Exchange Server.

Download your free copy of WMI Monitor

Do you need additional help?

Give something back?

Would you like to help others?  If you have a good example of this error, then please email me, I will publish it with a credit to you:

   

Download my Logon Script eBook for only $6.25

Logon ScriptThe extra features you get in your eBook include, more pages full of detailed examples.  Also, ten ‘how to…’ sections, with screen shots showing which menus to use.  Go for Guy’s eBook – and get a printable version with copy enabled and no expiry date.

  Jumbo Script 7 Package

If you like this page then please share it with your friends

 

About The Author

Guy Thomas

Related Posts