?
Solved

changing a password in active directory

Posted on 2006-11-08
5
Medium Priority
?
342 Views
Last Modified: 2008-02-01
I have the following code:
private void ChangePassword()
{
   const long ADS_OPTION_PASSWORD_PORTNUMBER = 6;
   const long ADS_OPTION_PASSWORD_METHOD = 7;
   const int ADS_PASSWORD_ENCODE_REQUIRE_SSL = 0;
   const int ADS_PASSWORD_ENCODE_CLEAR   = 1;
   int intPort = 389;
   DirectoryEntry oNewUser, oDE;

   Utility_Lib.C_Web oUtil = new Utility_Lib.C_Web();

   string ADDomain = oUtil.GetAppStringSetting("ADDomain");
   string ADServer = oUtil.GetAppStringSetting("ADServer");
   string ADContext = oUtil.GetAppStringSetting("ADContext");
   string ADPath = oUtil.GetAppStringSetting("ADPath") + ADServer + ADContext + ", " + ADDomain;
   string DomainName = oUtil.GetAppStringSetting("DomainName");
   string ADAdminUser = DomainName + oUtil.GetAppStringSetting("ADAdminUser");
   string ADAdminPassword = oUtil.GetAppStringSetting("ADAdminPassword");

   oDE = new DirectoryEntry(ADPath, ADAdminUser, ADAdminPassword, AuthenticationTypes.Secure);
   DirectorySearcher deSearch = new DirectorySearcher();
   deSearch.SearchRoot = oDE;
   deSearch.Filter = "(sAMAccountName=hobbes)";
   deSearch.SearchScope = SearchScope.Subtree;
   SearchResult results= deSearch.FindOne();

   if(results !=null)
   {
     oNewUser = new DirectoryEntry(results.Path, ADAdminUser, ADAdminPassword, AuthenticationTypes.ServerBind);
     oNewUser.RefreshCache();
   }
   else
   {
     oNewUser = null;
   }

   lblStatus.Visible = true;

   try
   {
     lblStatus.Text = "Got part way...";
     oNewUser.Invoke("SetOption", new object[] {ADS_OPTION_PASSWORD_PORTNUMBER, intPort});
     oNewUser.Invoke("SetOption", new object[] {ADS_OPTION_PASSWORD_METHOD, ADS_PASSWORD_ENCODE_CLEAR});
     //oNewUser.Invoke("ChangePassword", new object[] {"evertest", "abc111"});
***BLOWS UP BELOW ON THE NEXT LINE***
     oNewUser.Invoke("SetPassword", new object[] {"abc111"});
     lblStatus.Text = "Successfully change password.";
   }
   catch (Exception ex)
   {
     lblStatus.Text = ex.Message;
   }
}

I know I have the right object in AD.  I can explore the oNewUser object and verify that the various parts of it are all filled out.
Path  "LDAP://depot.e-olsons.local/CN=Calvinetta Hobbes,OU=TestOU,OU=MyBusiness,DC=e-Olsons,DC=local"      string
As you can see, I found my cat.

However, I am getting the following error:
Exception has been thrown by the target of an invocation.  {"The server is unwilling to process the request." }

For further reference - web.config has the following which the oUtil object is reading in:
  <appSettings>
    <add key="ADServer" value="depot.e-olson.local/" />
    <add key="DomainName" value="e-olson\" />
    <add key="ADAdminUser" value="xxx000" />
    <add key="ADAdminPassword" value="abc123" />
    <add key="ADPath" value="LDAP://" />
    <add key="ADDomain" value="DC=e-olson, DC=local" />
    <add key="ADContext" value="OU=TestOU, OU=MyBusiness" />
  </appSettings>

At my workstation, I am an enterprise, domain, admin equivalent.  I used the actual domain admin information in the web.config (obviously cut out above).

I have tried LOTS of sample versions I found on the web and I cannot get past this problem.  It blows up where I put the *** marker.  I am at home with my own Windows 2003 Small Business server and I am using the administrative account in web.config to load all the information about the domain.  It is service packed to the hilt.  I am running VisualStudio 2003 SP1 and my XP Pro system is service packed to the hilt.  I have the framework v1.1 with added security patches, too.  I have tried variations on AuthenticationTypes.Secure, None, etc...

I am SOOO frustrated.  Any ideas on why my server is so unwilling?

William
0
Comment
Question by:wjolson
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
5 Comments
 
LVL 12

Expert Comment

by:RubenvdLinden
ID: 17904936
Can you alter the code a bit and run it as a WinForm application?
If it runs from there, you'll know the code is correct and you need to look for a problem with the webserver.
0
 

Author Comment

by:wjolson
ID: 17921519
Ok.  I created a WinForm this AM and there is no difference.  It blows up on the same line with the same exact message.  I am still stuck.

William
0
 

Author Comment

by:wjolson
ID: 17922121
And the solution to this problem seems to have been 2 fold.  

First, I noticed that if I typed in a user id and password directly such as this...
oDE = new DirectoryEntry(ADPath, "MyDomain.local\\administrator", "adminPassword"); -- the error message changed.

Also, I got rid of the ...AuthenticationTypes.Secure, or None, etc...  I suppose this implies I am doing things in clear text, but it is okay for my app.

I have posted the code below that worked for me.  As you will notice I dropped all the other junk about picking the port and setting constants.  It wasn't necessary for what I needed.

Thanks.

William Olson


private void ChangePassword()
{
  DirectoryEntry oNewUser, oDE;
  Utility_Lib.C_Web oUtil = new Utility_Lib.C_Web();

  string ADDomain = oUtil.GetAppStringSetting("ADDomain");
  string ADServer = oUtil.GetAppStringSetting("ADServer");
  string ADContext = oUtil.GetAppStringSetting("ADContext");
  string ADPath = oUtil.GetAppStringSetting("ADPath") + ADServer + ADContext + ", " + ADDomain;
  string DomainName = oUtil.GetAppStringSetting("DomainName");
  string ADAdminUser = oUtil.GetAppStringSetting("ADAdminUser");
  string ADAdminPassword = oUtil.GetAppStringSetting("ADAdminPassword");

  try
  {
    oDE = new DirectoryEntry(ADPath, "MyDomain.local\\administrator", "adminPassword");
    DirectorySearcher deSearch = new DirectorySearcher();
    deSearch.SearchRoot = oDE;
    deSearch.Filter = "(sAMAccountName=hobbes)";
    deSearch.SearchScope = SearchScope.Subtree;
    SearchResult results = deSearch.FindOne();

    if(results != null)
    {

NOTE: "MyDomain.local\\administrator" doesn't work well from the web or app .config file.  I found it better to specify the logon id as administrator@myDomain.local in my config file.  Otherwise, you get the @ symbol infront of the variable and it does not get interpreted well.

      oNewUser = new DirectoryEntry(results.Path, ADAdminUser, ADAdminPassword);
      oNewUser.Invoke("SetPassword", new object[] {"cat999"});
      //oNewUser.Invoke("ChangePassword", new object[] {"evertest", "abc111"});
    }
    else
    {
      oNewUser = null;
    }
    lblStatus.Visible = true;
    lblStatus.Text = "Successfully change password.";
    }
    catch (Exception ex)
    {
      lblStatus.Text = ex.Message;
    }
}
0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
ID: 18109043
PAQed with points refunded (500)

Computer101
EE Admin
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction This article series is supposed to shed some light on the use of IDisposable and objects that inherit from it. In essence, a more apt title for this article would be: using (IDisposable) {}. I’m just not sure how many people would ge…
This article introduced a TextBox that supports transparent background.   Introduction TextBox is the most widely used control component in GUI design. Most GUI controls do not support transparent background and more or less do not have the…
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
Suggested Courses
Course of the Month10 days, 16 hours left to enroll

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question