Solved

Active directory programming - setting user password

Posted on 2004-09-02
6
440 Views
Last Modified: 2010-04-14
I have the following code :

(C# code)

DirectoryEntry de = new DirectoryEntry();

// Set credentials of an AD account that is priveledged to be able to create users
de.Username = username;
de.Password = password;

// Set active LDAP path
de.Path = LDAPpath;

// Assign the users in the LDAPpath to a variable so we can manipulate it (add users)
DirectoryEntries users = de.Children;

// Add user account
DirectoryEntry user = users.Add("CN=" + LastName + "\\, " + FirstName, "user");

// Set additional properties of new account
user.Properties["samAccountName"].Add(username); // Login name
user.Properties["givenName"].Add(FirstName); // First Name
user.Properties["sn"].Add(LastName); // Last Name
user.Properties["userPassword"].Add(password);

// Commit changes so far so we can then add additonal account properties
user.CommitChanges();

// Set the account to be a "normal account" (0x10000)
user.Properties["userAccountControl"].Value = ((int) user.Properties["userAccountControl"].Value) | 0x10000;

// Set the "account disable" to false (account disable = 0x2)
user.Properties["userAccountControl"].Value = ((int) user.Properties["userAccountControl"].Value) & ~0x2;

// Set profile path
user.Properties["profilePath"].Add(ProfilePath);

// Commit final changes
user.CommitChanges();


However, I have found out that it doesn't work.

The account is created, but I cannot log in using the password that was set in this line :
user.Properties["userPassword"].Add(password);


This code is basically adapted from the WROX Professional C# 2nd edition book and they use that method to set the password.

I even tried hardcoding in a string - no luck.

Any ideas on how to create a password for a new account created in programatically?

PS If I go onto the Domain controller and reset the password for the account then it works so I know that other than the password the account is getting correctly created.

Thanks.
0
Comment
Question by:mrichmon
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
6 Comments
 
LVL 10

Expert Comment

by:eternal_21
ID: 11968935
Instead of:

  user.Properties["userPassword"].Add(password);

Try this:

  user.Invoke("SetPassword", new object[] {password});
0
 
LVL 35

Accepted Solution

by:
mrichmon earned 0 total points
ID: 11969157
The answer was that I needed to commit changes after setting the userPrincipalName before it allows the pasword to be set - otherwise it sets the password to blank.
0
 
LVL 10

Expert Comment

by:eternal_21
ID: 11975712
Did you try using user.Invoke("SetPassword", new object[] {password}) *before* doing your commit?
0
 
LVL 35

Author Comment

by:mrichmon
ID: 11976187
yes.

didn't  work.

In both cases the commitchanges needed to happen BEFORE any password commands could be issued.  I actually found documentation from Microsoft verifying this.

It was not true on Win NT 4, but is true of the newer AD domains according to the article....
0

Featured Post

Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Group Policy 9 562
Windows timing on domain Pcs 4 463
Data off on old Win 2000 server. 18 604
Raising Domain/Forest Level to Windows 2003 (from a retired Windows 2000 DC) 8 154
NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
A lot of things can happen during a presentation, worst of which is “death by PowerPoint.” Here are a few mistakes to avoid to make your slides clean.
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question