Solved

changing a password in active directory

Posted on 2006-11-08
Last Modified: 2008-02-01
I have the following code:
private void ChangePassword()
{
   const long ADS_OPTION_PASSWORD_PORTNUMBER = 6;
   const long ADS_OPTION_PASSWORD_METHOD = 7;
   const int ADS_PASSWORD_ENCODE_REQUIRE_SSL = 0;
   const int ADS_PASSWORD_ENCODE_CLEAR   = 1;
   int intPort = 389;
   DirectoryEntry oNewUser, oDE;

   Utility_Lib.C_Web oUtil = new Utility_Lib.C_Web();

   string ADDomain = oUtil.GetAppStringSetting("ADDomain");
   string ADServer = oUtil.GetAppStringSetting("ADServer");
   string ADContext = oUtil.GetAppStringSetting("ADContext");
   string ADPath = oUtil.GetAppStringSetting("ADPath") + ADServer + ADContext + ", " + ADDomain;
   string DomainName = oUtil.GetAppStringSetting("DomainName");
   string ADAdminUser = DomainName + oUtil.GetAppStringSetting("ADAdminUser");
   string ADAdminPassword = oUtil.GetAppStringSetting("ADAdminPassword");

   oDE = new DirectoryEntry(ADPath, ADAdminUser, ADAdminPassword, AuthenticationTypes.Secure);
   DirectorySearcher deSearch = new DirectorySearcher();
   deSearch.SearchRoot = oDE;
   deSearch.Filter = "(sAMAccountName=hobbes)";
   deSearch.SearchScope = SearchScope.Subtree;
   SearchResult results= deSearch.FindOne();

   if(results !=null)
   {
     oNewUser = new DirectoryEntry(results.Path, ADAdminUser, ADAdminPassword, AuthenticationTypes.ServerBind);
     oNewUser.RefreshCache();
   }
   else
   {
     oNewUser = null;
   }

   lblStatus.Visible = true;

   try
   {
     lblStatus.Text = "Got part way...";
     oNewUser.Invoke("SetOption", new object[] {ADS_OPTION_PASSWORD_PORTNUMBER, intPort});
     oNewUser.Invoke("SetOption", new object[] {ADS_OPTION_PASSWORD_METHOD, ADS_PASSWORD_ENCODE_CLEAR});
     //oNewUser.Invoke("ChangePassword", new object[] {"evertest", "abc111"});
     // ***BLOWS UP BELOW ON THE NEXT LINE***
     oNewUser.Invoke("SetPassword", new object[] {"abc111"});
     lblStatus.Text = "Successfully change password.";
   }
   catch (Exception ex)
   {
     lblStatus.Text = ex.Message;
   }
}

I know I have the right object in AD.  I can explore the oNewUser object and verify that the various parts of it are all filled out.
Path  "LDAP://depot.e-olsons.local/CN=Calvinetta Hobbes,OU=TestOU,OU=MyBusiness,DC=e-Olsons,DC=local"      string
As you can see, I found my cat.

However, I am getting the following error:
Exception has been thrown by the target of an invocation.  {"The server is unwilling to process the request." }

For further reference - web.config has the following which the oUtil object is reading in:
  <appSettings>
    <add key="ADServer" value="depot.e-olson.local/" />
    <add key="DomainName" value="e-olson\" />
    <add key="ADAdminUser" value="xxx000" />
    <add key="ADAdminPassword" value="abc123" />
    <add key="ADPath" value="LDAP://" />
    <add key="ADDomain" value="DC=e-olson, DC=local" />
    <add key="ADContext" value="OU=TestOU, OU=MyBusiness" />
  </appSettings>

At my workstation, I am an enterprise, domain, admin equivalent.  I used the actual domain admin information in the web.config (obviously cut out above).

I have tried LOTS of sample versions I found on the web and I cannot get past this problem.  It blows up where I put the *** marker.  I am at home with my own Windows 2003 Small Business server and I am using the administrative account in web.config to load all the information about the domain.  It is service packed to the hilt.  I am running VisualStudio 2003 SP1 and my XP Pro system is service packed to the hilt.  I have the framework v1.1 with added security patches, too.  I have tried variations on AuthenticationTypes.Secure, None, etc...

I am SOOO frustrated.  Any ideas on why my server is so unwilling?

William
0
Comment
Question by:wjolson
5 Comments
 
LVL 12

Expert Comment

by:RubenvdLinden
ID: 17904936
Can you alter the code a bit and run it as a WinForm application?
If it runs from there, you'll know the code is correct and you need to look for a problem with the webserver.
0
 

Author Comment

by:wjolson
ID: 17921519
Ok.  I created a WinForm this AM and there is no difference.  It blows up on the same line with the same exact message.  I am still stuck.

William
0
 

Author Comment

by:wjolson
ID: 17922121
And the solution to this problem seems to have been twofold.

First, I noticed that if I typed in a user id and password directly such as this...
oDE = new DirectoryEntry(ADPath, "MyDomain.local\\administrator", "adminPassword"); -- the error message changed.

Also, I got rid of the ...AuthenticationTypes.Secure, or None, etc...  I suppose this implies I am doing things in clear text, but it is okay for my app.

I have posted the code below that worked for me.  As you will notice I dropped all the other junk about picking the port and setting constants.  It wasn't necessary for what I needed.

Thanks.

William Olson


private void ChangePassword()
{
  DirectoryEntry oNewUser, oDE;
  Utility_Lib.C_Web oUtil = new Utility_Lib.C_Web();

  string ADDomain = oUtil.GetAppStringSetting("ADDomain");
  string ADServer = oUtil.GetAppStringSetting("ADServer");
  string ADContext = oUtil.GetAppStringSetting("ADContext");
  string ADPath = oUtil.GetAppStringSetting("ADPath") + ADServer + ADContext + ", " + ADDomain;
  string DomainName = oUtil.GetAppStringSetting("DomainName");
  string ADAdminUser = oUtil.GetAppStringSetting("ADAdminUser");
  string ADAdminPassword = oUtil.GetAppStringSetting("ADAdminPassword");

  try
  {
    oDE = new DirectoryEntry(ADPath, "MyDomain.local\\administrator", "adminPassword");
    DirectorySearcher deSearch = new DirectorySearcher();
    deSearch.SearchRoot = oDE;
    deSearch.Filter = "(sAMAccountName=hobbes)";
    deSearch.SearchScope = SearchScope.Subtree;
    SearchResult results = deSearch.FindOne();

    if(results != null)
    {
      // NOTE: "MyDomain.local\\administrator" doesn't work well from the web or app .config file.
      // I found it better to specify the logon id as administrator@myDomain.local in my config file.
      // Otherwise, you get the @ symbol in front of the variable and it does not get interpreted well.
      oNewUser = new DirectoryEntry(results.Path, ADAdminUser, ADAdminPassword);
      oNewUser.Invoke("SetPassword", new object[] {"cat999"});
      //oNewUser.Invoke("ChangePassword", new object[] {"evertest", "abc111"});
      // Report success only when an account was found and the call returned.
      lblStatus.Text = "Successfully change password.";
    }
    else
    {
      oNewUser = null;
      lblStatus.Text = "User not found.";
    }
    lblStatus.Visible = true;
  }
  catch (Exception ex)
  {
    lblStatus.Text = ex.Message;
  }
}
0
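
The fix above drops the AuthenticationTypes argument, which the author notes probably means clear text. As an added example (not the poster's code), here is the same reset with a signed and sealed bind, an explicit not-found check, and the wrapped directory error surfaced. `AdPasswordReset`, its method names and the `example.local` path are hypothetical, and it assumes the host can negotiate Kerberos or NTLM with the domain controller.

```csharp
using System;
using System.DirectoryServices;
using System.Reflection;

// Hypothetical helper written for this example; not code from the thread.
public static class AdPasswordReset
{
    // Negotiate (Kerberos/NTLM) bind with signing and sealing: the LDAP session is
    // integrity-protected and encrypted rather than a simple clear-text bind.
    const AuthenticationTypes SecureBind =
        AuthenticationTypes.Secure | AuthenticationTypes.Signing | AuthenticationTypes.Sealing;

    // Escape RFC 4515 filter metacharacters; the backslash must be replaced first.
    static string EscapeFilterValue(string v)
    {
        return v.Replace("\\", "\\5c").Replace("*", "\\2a")
                .Replace("(", "\\28").Replace(")", "\\29").Replace("\0", "\\00");
    }

    // ldapPath: e.g. "LDAP://dc.example.local/OU=TestOU,DC=example,DC=local" (placeholder).
    // adminUser: UPN form (admin@example.local); the caller supplies the credentials.
    public static void ResetPassword(string ldapPath, string adminUser, string adminPassword,
                                     string samAccountName, string newPassword)
    {
        string filter = "(sAMAccountName=" + EscapeFilterValue(samAccountName) + ")";
        using (DirectoryEntry root = new DirectoryEntry(ldapPath, adminUser, adminPassword, SecureBind))
        using (DirectorySearcher searcher = new DirectorySearcher(root, filter))
        {
            searcher.SearchScope = SearchScope.Subtree;
            SearchResult result = searcher.FindOne();
            if (result == null)
                throw new InvalidOperationException("User not found: " + samAccountName);

            using (DirectoryEntry user =
                       new DirectoryEntry(result.Path, adminUser, adminPassword, SecureBind))
            {
                try
                {
                    user.Invoke("SetPassword", new object[] { newPassword });
                }
                catch (TargetInvocationException ex)
                {
                    // Invoke wraps the directory error; rethrow with the real cause.
                    Exception cause = ex.InnerException ?? ex;
                    throw new InvalidOperationException("SetPassword failed: " + cause.Message, ex);
                }
            }
        }
    }
}
```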
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
ID: 18109043
PAQed with points refunded (500)

Computer101
EE Admin
0
