Reset Active Directory Password

I have windows 2003 server and 2000 ad.  I am running IIS 6.  I am trying to reset a password using some of the sample code found on this site but I can't get it to work.  I can't even create the object below

set usr = GetObject("LDAP://CN=rfulcher,CN=Users,DC=company,DC=local")

All I get is a 500 internal error.
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Do this to see specific error messages
Tools -> Internet Options
Go to "Advanced" tab.
Make sure "Show friendly HTTP error messages" is UNCHECKED.

Run the page again.
rfulcherAuthor Commented:
The error I get now is

error '80072030'
/ChangePass/Changepass.asp, line 30

Which corresponds to this line.
Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

Are these values your server values or were they taken from your sample code? - "LDAP://CN=rfulcher,CN=Users,DC=company,DC=local"

One of the most handy toos for this stuff is the adsiedit. If you don't have it, you can install it from the Windows CD under SystemTools
rfulcherAuthor Commented:
I am taking a look at both things posted.  The values that I posted are the ones that I used except company was my company.  
rfulcherAuthor Commented:
I have used the adsiedit tool to look at the structure.  I can now get past that line because I have a connection like this:

set usr = GetObject("LDAP://CN=Robert Fulcher,OU=MIS,OU=CH,DC=Company,DC=Local")

The issue is that I have many OU ast the MIS level and can only get this to come back if I specify it this way.  Is there any way to have it search for this and I can pull the info back easier?
rfulcherAuthor Commented:
I need to reset the password here is wat I am trying to do:

usr.ChangePassword "oldpass", "newpass"

This is the error I am getting:

Active Directory error '8000500c'

The directory datatype cannot be converted to/from a native DS datatype

/ChangePass/Changepass.asp, line 36
This is how you might do a search. This includes creating a SQL style query along with looping through the results.

Give this a go:
                m_cOrganUnit = "CN=Users"
            Set objRoot = GetObject("LDAP://RootDSE")
            sDomainPath = objRoot.Get("DefaultNamingContext")
            Set con = Server.CreateObject("ADODB.Connection")
            con.provider = "ADsDSOObject"
   "Active Directory Provider"
            Set Com = Server.CreateObject("ADODB.Command")
            Set Com.ActiveConnection = con
            Set rstemp = Server.CreateObject("ADODB.Recordset")
            Com.CommandText = "select name, sAMAccountname from 'LDAP://" & m_cOrganUnit & "," & sDomainPath & "'"
            Set rstemp = Com.Execute
                do while not rstemp.eof

You can just loop through the results like this. I've used "name, sAMAccountname" but you can find any other field (like "mail" etc) that you can see under properties in adsiedit . At the same time, you can put things at thend of the CommandText like " Where name='Robert Fulcher'".

I'm not sure if you've seen this but it has a few clues about the error you're getting on changing the password. Ignore the way they are looking up the information as I found it cumbersome.

The IADsUser::ChangePassword method changes the user password from the specified old value to a new value.

HRESULT ChangePassword(
  BSTR bstrOldPassword,
  BSTR bstrNewPassword
[in] A BSTR that contains the current password.
[out] A BSTR that contains the new password.
Return Values
This method supports the standard return values, including S_OK. For more information and other return values, see ADSI Error Codes.
The method used to change the password is provider-specific. The system LDAP provider initially attempts a LDAP change password operation, if a secure SSL connection to the server is established. If this attempt fails, the LDAP provider then calls the Active Directory specific network management API, NetUserChangePassword.

In Active Directory, the caller must have the Change Password extended control access right to change the password with this method.

Example Code [Visual Basic]
The following code example shows how to change a user password.

Dim usr As IADsUser
Dim szOldPass As String
Dim szNewPass As String

On Error GoTo Cleanup

Set usr = GetObject("WinNT://Fabrikam/JeffSmith,user")
' Add code to securely retrieve the old and new password.

usr.ChangePassword szOldPass, szNewPass

    If (Err.Number<>0) Then
        MsgBox("An error has occurred. " & Err.Number)
    End If
    Set usr = Nothing
Example Code [C++]
The following code example shows how to change a user password.

HRESULT ChangePassword(
    IADsUser *pUser,
    LPWSTR oldPasswd,
    LPWSTR newPasswd)
    HRESULT hr=S_OK;
    if(!pUser) { return E_FAIL;}
    hr = pUser->ChangePassword(oldPasswd, newPasswd);
    printf("User password has been changed");
    return hr;
Client: Requires Windows XP or Windows 2000 Professional.
Server: Requires Windows Server 2003 or Windows 2000 Server.
Redistributable: Requires Active Directory Client Extension on Windows NT 4.0, Windows 95, Windows 98 and Windows Me.
Header: Declared in Iads.h.

See Also
IADsUser, IADsUser Property Methods, ADSI Error Codes


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
I supplied some code that should take care of what they need. Recomend that I get at least some of the points.

It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.