Solved

User Cannot Change Password problem

Posted on 2009-04-07
4
367 Views
Last Modified: 2012-05-06
I have this c# code that works to check the "User Cannot Change Password" check box but how can I unckeck it.

Thanks
string PASSWORD_GUID = "{ab721a53-1e2f-11d0-9819-00aa0040529b}";

 

            string[] trustees = new string[] { @"NT AUTHORITY\SELF", "EVERYONE" };

 

            ActiveDs.IADsSecurityDescriptor sd = (ActiveDs.IADsSecurityDescriptor)user.Properties["ntSecurityDescriptor"].Value;

            ActiveDs.IADsAccessControlList acl = (ActiveDs.IADsAccessControlList)sd.DiscretionaryAcl;

            ActiveDs.IADsAccessControlEntry ace = new ActiveDs.AccessControlEntry();

            foreach (string trustee in trustees)

            {

                ace.Trustee = trustee;

                ace.AceFlags = 0;

                ace.AceType = (int)

                ActiveDs.ADS_ACETYPE_ENUM.ADS_ACETYPE_ACCESS_DENIED_OBJECT;

                ace.Flags = (int)ActiveDs.ADS_FLAGTYPE_ENUM.ADS_FLAG_OBJECT_TYPE_PRESENT;

                ace.ObjectType = PASSWORD_GUID;

                ace.AccessMask = (int)ActiveDs.ADS_RIGHTS_ENUM.ADS_RIGHT_DS_CONTROL_ACCESS;

                acl.AddAce(ace);

            }

            sd.DiscretionaryAcl = acl;

            user.Properties["ntSecurityDescriptor"].Value = sd;

            user.CommitChanges();

Open in new window

0
Comment
Question by:scanet
  • 3
4 Comments
 
LVL 18

Expert Comment

by:Americom
Comment Utility
Usually check and uncheck is just a 1 instead of 0. Have you tried it yet?
0
 

Author Comment

by:scanet
Comment Utility
Hi,

I think I tried that but I will give it another go this evening.

Thanks
0
 

Author Comment

by:scanet
Comment Utility
I tried to change ace.AceFlags = 0; to 1 but it did not work. is there another metod I could use?

Thanks
0
 

Accepted Solution

by:
scanet earned 0 total points
Comment Utility
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Calculating holidays and working days is a function that is often needed yet it is not one found within the Framework. This article presents one approach to building a working-day calculator for use in .NET.
It was really hard time for me to get the understanding of Delegates in C#. I went through many websites and articles but I found them very clumsy. After going through those sites, I noted down the points in a easy way so here I am sharing that unde…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now