In your code, the 'userDistinguishedName' and 'newDistinguishedName' variables should contain the full distinguished name of the user and the destination OU. The values you provided look to be incomplete or incorrect. Make sure that you have the correct distinguished names for both the user and the target OU.
The code you provided is using the 'ModifyDNRequest' class, which is used to modify the RDN of an entry. To move an account from one OU to another, you need to perform a different LDAP operation called "LDAP Modify" that involves modifying the 'distinguishedName' attribute of the user's entry to the new OU's distinguished name. A full description and sample code are to be found at Modifying Entry Properties.
Your code should then look similar to -
    // Requires: using System; using System.Net; using System.DirectoryServices.Protocols;
    string domain = "domain-secure.corp";
    string userDistinguishedName = "CN=TestUser,OU=Users,OU=PreStaging,DC=domain-secure,DC=corp";
    string newParentDistinguishedName = "OU=Disabled Users,OU=Disabled,DC=domain-secure,DC=corp";
    // The new name is the RDN only, not the full distinguished name.
    string newRdn = "CN=TestUser";

    using (LdapConnection connection = new LdapConnection(new LdapDirectoryIdentifier(domain, 636)))
    {
        // LDAPS on port 636; ServerCallback (not shown) must actually validate the server certificate.
        connection.SessionOptions.SecureSocketLayer = true;
        connection.SessionOptions.VerifyServerCertificate = new VerifyServerCertificateCallback(ServerCallback);
        connection.Credential = new NetworkCredential(AdminUsername, AdminPassword);
        // Basic (simple) bind: the password is protected only by the TLS session.
        connection.AuthType = AuthType.Basic;
        connection.Bind();

        // Arguments: entry DN, new parent DN, new RDN.
        ModifyDNRequest request = new ModifyDNRequest(userDistinguishedName, newParentDistinguishedName, newRdn);
        request.DeleteOldRdn = true;

        try
        {
            ModifyDNResponse response = (ModifyDNResponse)connection.SendRequest(request);
            if (response.ResultCode == ResultCode.Success)
            {
                return "Success";
            }
            else
            {
                return $"Failed Moving User: {response.ResultCode}";
            }
        }
        catch (Exception ex)
        {
            return $"Error Moving User: {ex.Message}";
        }
    }
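
The following is an added example, not part of the original answer: it goes beyond the hard-coded case by deriving the RDN from any user DN (including one with an escaped comma) and building the `ModifyDNRequest` with its three arguments in order (entry DN, new parent DN, new RDN). The `OuMove` class, the `allowedBaseDn` guard and the second sample DN are assumptions made for illustration, and the DN comparison assumes both strings use the spacing and escaping the directory returns.

```csharp
using System;
using System.DirectoryServices.Protocols;

static class OuMove
{
    // True when dn[index] is preceded by an odd number of backslashes (RFC 4514 escape).
    static bool IsEscaped(string dn, int index)
    {
        int slashes = 0;
        while (index - 1 - slashes >= 0 && dn[index - 1 - slashes] == '\\') slashes++;
        return slashes % 2 == 1;
    }

    // True when dn is baseDn itself or lies below it, split at a real (unescaped) comma.
    static bool IsUnder(string dn, string baseDn)
    {
        if (dn.Equals(baseDn, StringComparison.OrdinalIgnoreCase)) return true;
        int comma = dn.Length - baseDn.Length - 1;
        return comma > 0 && dn[comma] == ',' && !IsEscaped(dn, comma)
            && dn.EndsWith(baseDn, StringComparison.OrdinalIgnoreCase);
    }

    // Builds the move request; allowedBaseDn is a hypothetical guard on the destination.
    public static ModifyDNRequest BuildMoveRequest(string userDn, string targetOuDn, string allowedBaseDn)
    {
        int cut = 0;
        while (cut < userDn.Length && (userDn[cut] != ',' || IsEscaped(userDn, cut))) cut++;
        if (cut == 0 || cut >= userDn.Length - 1)
            throw new ArgumentException("Not a full distinguished name.", nameof(userDn));
        if (!IsUnder(targetOuDn, allowedBaseDn))
            throw new ArgumentException("Target OU is outside the permitted subtree.", nameof(targetOuDn));
        // Argument order: entry DN, new parent DN, new RDN (a single RDN, not a full DN).
        return new ModifyDNRequest(userDn, targetOuDn, userDn.Substring(0, cut)) { DeleteOldRdn = true };
    }

    static void Main()
    {
        // Constructed sample values; the second user has an escaped comma in its CN.
        string target = "OU=Disabled Users,OU=Disabled,DC=domain-secure,DC=corp";
        string baseDn = "OU=Disabled,DC=domain-secure,DC=corp";
        foreach (string dn in new[] {
            "CN=TestUser,OU=Users,OU=PreStaging,DC=domain-secure,DC=corp",
            @"CN=Smith\, John,OU=Users,OU=PreStaging,DC=domain-secure,DC=corp" })
        {
            ModifyDNRequest r = BuildMoveRequest(dn, target, baseDn);
            Console.WriteLine($"{r.NewName} -> {r.NewParentDistinguishedName}");
        }
    }
}
```

Building the request needs no connection, so the argument handling can be checked before anything is sent to a domain controller.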