Consegui resolver esse problema da seguinte maneira byte[] bytes = (byte[])oUser.Properties["objectSid"][0]; string UserPath = "LDAP://" + dominioUsusario + "/<SID= + BuildOctetString(bytes) + ">"; oGroup.Invoke("Add", new Object[] { UserPath }); oGroup.CommitChanges(); oGroup.Close(); oUser.Close(); ----------------------------------- private string BuildOctetString(byte[] bytes) { StringBuilder sb = new StringBuilder(); foreach (byte b in bytes) { sb.Append(b.ToString("X2")); } return sb.ToString(); } Agora estou com problemas na hora de remover o usuário: byte[] bytes = (byte[])oUser.Properties["objectSid][0]; string UserPath = "LDAP://" + dominioUsusario + "/<SID=" + BuildOctetString(bytes) + ">"; oGroup.Invoke("Remove", new Object[] { UserPath }); oGroup.CommitChanges(); oGroup.Close(); oUser.Close(); esta acontecendo o seguinte erro: System.DirectoryServices.DirectoryServicesCOMException (0x80072035): The server is unwilling to process the request. (Exception from HRESULT: 0x80072035) --- End of inner exception stack trace --- at ManipulaAD.UsuarioAD.RemoveUserFromGroup(String UserName, String GroupName) in d:\Projetos\MBR\AdminSeg\Aplicacao\AdminSegSln\AdminSegWSPastas\App_Code\UsuarioAD.cs:line 237 at wsPastasCompartilhadas.RevogarAcesso(Int32 IdOperacao, String Sistema, String MatUsuario, String IdAcesso, String IdModExterno, String IdPerfilExterno, String IdVisibilidadeExterno) in d:\Projetos\MBR\AdminSeg\Aplicacao\AdminSegSln\AdminSegWSPastas\App_Code\wsPastasCompartilhadas.cs:line 87