Solved

Active directory programming - setting user password

Posted on 2004-09-02
6
438 Views
Last Modified: 2010-04-14
I have the following code :

(C# code)

DirectoryEntry de = new DirectoryEntry();

// Set credentials of an AD account that is priveledged to be able to create users
de.Username = username;
de.Password = password;

// Set active LDAP path
de.Path = LDAPpath;

// Assign the users in the LDAPpath to a variable so we can manipulate it (add users)
DirectoryEntries users = de.Children;

// Add user account
DirectoryEntry user = users.Add("CN=" + LastName + "\\, " + FirstName, "user");

// Set additional properties of new account
user.Properties["samAccountName"].Add(username); // Login name
user.Properties["givenName"].Add(FirstName); // First Name
user.Properties["sn"].Add(LastName); // Last Name
user.Properties["userPassword"].Add(password);

// Commit changes so far so we can then add additonal account properties
user.CommitChanges();

// Set the account to be a "normal account" (0x10000)
user.Properties["userAccountControl"].Value = ((int) user.Properties["userAccountControl"].Value) | 0x10000;

// Set the "account disable" to false (account disable = 0x2)
user.Properties["userAccountControl"].Value = ((int) user.Properties["userAccountControl"].Value) & ~0x2;

// Set profile path
user.Properties["profilePath"].Add(ProfilePath);

// Commit final changes
user.CommitChanges();


However, I have found out that it doesn't work.

The account is created, but I cannot log in using the password that was set in this line :
user.Properties["userPassword"].Add(password);


This code is basically adapted from the WROX Professional C# 2nd edition book and they use that method to set the password.

I even tried hardcoding in a string - no luck.

Any ideas on how to create a password for a new account created in programatically?

PS If I go onto the Domain controller and reset the password for the account then it works so I know that other than the password the account is getting correctly created.

Thanks.
0
Comment
Question by:mrichmon
  • 2
  • 2
6 Comments
 
LVL 10

Expert Comment

by:eternal_21
ID: 11968935
Instead of:

  user.Properties["userPassword"].Add(password);

Try this:

  user.Invoke("SetPassword", new object[] {password});
0
 
LVL 35

Accepted Solution

by:
mrichmon earned 0 total points
ID: 11969157
The answer was that I needed to commit changes after setting the userPrincipalName before it allows the pasword to be set - otherwise it sets the password to blank.
0
 
LVL 10

Expert Comment

by:eternal_21
ID: 11975712
Did you try using user.Invoke("SetPassword", new object[] {password}) *before* doing your commit?
0
 
LVL 35

Author Comment

by:mrichmon
ID: 11976187
yes.

didn't  work.

In both cases the commitchanges needed to happen BEFORE any password commands could be issued.  I actually found documentation from Microsoft verifying this.

It was not true on Win NT 4, but is true of the newer AD domains according to the article....
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Each year, investment in cloud platforms grows more than 20% (https://www.immun.io/hubfs/Immunio_2016/Content/Marketing/Cloud-Security-Report-2016.pdf?submissionGuid=a8d80a00-6fee-4b85-81db-a4e28f681762) as an increasing number of companies begin to…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question