Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 352
  • Last Modified:

changing a password in active directory

I have the following code:
private void ChangePassword()
{
   const long ADS_OPTION_PASSWORD_PORTNUMBER = 6;
   const long ADS_OPTION_PASSWORD_METHOD = 7;
   const int ADS_PASSWORD_ENCODE_REQUIRE_SSL = 0;
   const int ADS_PASSWORD_ENCODE_CLEAR   = 1;
   int intPort = 389;
   DirectoryEntry oNewUser, oDE;

   Utility_Lib.C_Web oUtil = new Utility_Lib.C_Web();

   string ADDomain = oUtil.GetAppStringSetting("ADDomain");
   string ADServer = oUtil.GetAppStringSetting("ADServer");
   string ADContext = oUtil.GetAppStringSetting("ADContext");
   string ADPath = oUtil.GetAppStringSetting("ADPath") + ADServer + ADContext + ", " + ADDomain;
   string DomainName = oUtil.GetAppStringSetting("DomainName");
   string ADAdminUser = DomainName + oUtil.GetAppStringSetting("ADAdminUser");
   string ADAdminPassword = oUtil.GetAppStringSetting("ADAdminPassword");

   oDE = new DirectoryEntry(ADPath, ADAdminUser, ADAdminPassword, AuthenticationTypes.Secure);
   DirectorySearcher deSearch = new DirectorySearcher();
   deSearch.SearchRoot = oDE;
   deSearch.Filter = "(sAMAccountName=hobbes)";
   deSearch.SearchScope = SearchScope.Subtree;
   SearchResult results= deSearch.FindOne();

   if(results !=null)
   {
     oNewUser = new DirectoryEntry(results.Path, ADAdminUser, ADAdminPassword, AuthenticationTypes.ServerBind);
     oNewUser.RefreshCache();
   }
   else
   {
     oNewUser = null;
   }

   lblStatus.Visible = true;

   try
   {
     lblStatus.Text = "Got part way...";
     oNewUser.Invoke("SetOption", new object[] {ADS_OPTION_PASSWORD_PORTNUMBER, intPort});
     oNewUser.Invoke("SetOption", new object[] {ADS_OPTION_PASSWORD_METHOD, ADS_PASSWORD_ENCODE_CLEAR});
     //oNewUser.Invoke("ChangePassword", new object[] {"evertest", "abc111"});
***BLOWS UP BELOW ON THE NEXT LINE***
     oNewUser.Invoke("SetPassword", new object[] {"abc111"});
     lblStatus.Text = "Successfully change password.";
   }
   catch (Exception ex)
   {
     lblStatus.Text = ex.Message;
   }
}

I know I have the right object in AD.  I can explore the oNewUser object and verify that the various parts of it are all filled out.
Path  "LDAP://depot.e-olsons.local/CN=Calvinetta Hobbes,OU=TestOU,OU=MyBusiness,DC=e-Olsons,DC=local"      string
As you can see, I found my cat.

However, I am getting the following error:
Exception has been thrown by the target of an invocation.  {"The server is unwilling to process the request." }

For further reference - web.config has the following which the oUtil object is reading in:
  <appSettings>
    <add key="ADServer" value="depot.e-olson.local/" />
    <add key="DomainName" value="e-olson\" />
    <add key="ADAdminUser" value="xxx000" />
    <add key="ADAdminPassword" value="abc123" />
    <add key="ADPath" value="LDAP://" />
    <add key="ADDomain" value="DC=e-olson, DC=local" />
    <add key="ADContext" value="OU=TestOU, OU=MyBusiness" />
  </appSettings>

At my workstation, I am an enterprise, domain, admin equivalent.  I used the actual domain admin information in the web.config (obviously cut out above).

I have tried LOTS of sample versions I found on the web and I cannot get past this problem.  It blows up where I put the *** marker.  I am at home with my own Windows 2003 Small Business server and I am using the administrative account in web.config to load all the information about the domain.  It is service packed to the hilt.  I am running VisualStudio 2003 SP1 and my XP Pro system is service packed to the hilt.  I have the framework v1.1 with added security patches, too.  I have tried variations on AuthenticationTypes.Secure, None, etc...

I am SOOO frustrated.  Any ideas on why my server is so unwilling?

William
0
wjolson
Asked:
wjolson
  • 2
1 Solution
 
RubenvdLindenCommented:
Can you alter the code a bit and run it as a WinForm application?
If it runs from there, you'll know the code is correct and you need to look for a problem with the webserver.
0
 
wjolsonAuthor Commented:
Ok.  I created a WinForm this AM and there is no difference.  It blows up on the same line with the same exact message.  I am still stuck.

William
0
 
wjolsonAuthor Commented:
And the solution to this problem seems to have been 2 fold.  

First, I noticed that if I typed in a user id and password directly such as this...
oDE = new DirectoryEntry(ADPath, "MyDomain.local\\administrator", "adminPassword"); -- the error message changed.

Also, I got rid of the ...AuthenticationTypes.Secure, or None, etc...  I suppose this implies I am doing things in clear text, but it is okay for my app.

I have posted the code below that worked for me.  As you will notice I dropped all the other junk about picking the port and setting constants.  It wasn't necessary for what I needed.

Thanks.

William Olson


private void ChangePassword()
{
  DirectoryEntry oNewUser, oDE;
  Utility_Lib.C_Web oUtil = new Utility_Lib.C_Web();

  string ADDomain = oUtil.GetAppStringSetting("ADDomain");
  string ADServer = oUtil.GetAppStringSetting("ADServer");
  string ADContext = oUtil.GetAppStringSetting("ADContext");
  string ADPath = oUtil.GetAppStringSetting("ADPath") + ADServer + ADContext + ", " + ADDomain;
  string DomainName = oUtil.GetAppStringSetting("DomainName");
  string ADAdminUser = oUtil.GetAppStringSetting("ADAdminUser");
  string ADAdminPassword = oUtil.GetAppStringSetting("ADAdminPassword");

  try
  {
    oDE = new DirectoryEntry(ADPath, "MyDomain.local\\administrator", "adminPassword");
    DirectorySearcher deSearch = new DirectorySearcher();
    deSearch.SearchRoot = oDE;
    deSearch.Filter = "(sAMAccountName=hobbes)";
    deSearch.SearchScope = SearchScope.Subtree;
    SearchResult results = deSearch.FindOne();

    if(results != null)
    {

NOTE: "MyDomain.local\\administrator" doesn't work well from the web or app .config file.  I found it better to specify the logon id as administrator@myDomain.local in my config file.  Otherwise, you get the @ symbol infront of the variable and it does not get interpreted well.

      oNewUser = new DirectoryEntry(results.Path, ADAdminUser, ADAdminPassword);
      oNewUser.Invoke("SetPassword", new object[] {"cat999"});
      //oNewUser.Invoke("ChangePassword", new object[] {"evertest", "abc111"});
    }
    else
    {
      oNewUser = null;
    }
    lblStatus.Visible = true;
    lblStatus.Text = "Successfully change password.";
    }
    catch (Exception ex)
    {
      lblStatus.Text = ex.Message;
    }
}
0
 
Computer101Commented:
PAQed with points refunded (500)

Computer101
EE Admin
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

What Kind of Coding Program is Right for You?

There are many ways to learn to code these days. From coding bootcamps like Flatiron School to online courses to totally free beginner resources. The best way to learn to code depends on many factors, but the most important one is you. See what course is best for you.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now