How do I reset an AD LDS account password in .NET?

I need to create a web-based .NET web application for creating a new AD LDS user account and assigning a password to it.  The web-form will be hosted in IIS 7 on a different server than the AD LDS server.  Presently, my code is able to create and assign attributes to a new AD LDS user.  However, when I try to reset the password of the user, I run into an exception:


System.Reflection.TargetInvocationException was unhandled by user code
Message="Exception has been thrown by the target of an invocation."
at System.DirectoryServices.DirectoryEntry.Invoke(String methodName,
Object[] args)
at SierraSys.LdapAdminTool.Web.CreateUser.OnPreRender(EventArgs e) in
C:\PROJECTS\Internal\LdapAdminTool\LdapAdmin1.0\Web\CreateUser.aspx.cs:line 62
at System.Web.UI.Control.PreRenderRecursiveInternal()
at System.Web.UI.Page.ProcessRequestMain(Boolean
includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)



The directory property cannot be found in the cache.


I have read through various web resources that SSL must be enabled for the LDAP provider/ AD LDS to allow for remote password resets invoked through code (e.g.  I have generated a self-signed certificate using selfssl.exe and assigned it to the Trusted Root Certification Authorities certificate store on both the AD LDS server and the web server hosting the .NET form. I have also followed instructions on configuring SSL for AD LDS from this MSDN article:

I have confirmed through ldp.exe that the SSL connection for AD LDS is working.

I'm at a major roadblock here. Any assistance or suggestions with this would be much appreciated.

// Requires: using System.DirectoryServices;
// The LDAP path and bind user name are missing from the page; the <...> values are placeholders.
using (DirectoryEntry de = new DirectoryEntry(
    "LDAP://<server>:<ssl-port>/<container-dn>", "<USERNAME>",
    "USERPASSWORD", AuthenticationTypes.SecureSocketsLayer))
{
    DirectoryEntry newUser = de.Children.Add("CN=testuser1", "user");
    newUser.Invoke("Put", new Object[] { "displayName", "User, Test" });
    newUser.Invoke("Put", new Object[] { "givenName", "Test" });
    newUser.Invoke("Put", new Object[] { "mail", "" });
    newUser.Invoke("Put", new Object[] { "company", "ABC" });
    newUser.Invoke("Put", new Object[] { "sn", "User" });
    newUser.Invoke("Put", new Object[] { "telephoneNumber", "1 604 123-1234" });
    newUser.Invoke("Put", new Object[] { "description", "User description." });
    // EXCEPTION THROWN HERE
    newUser.Invoke("SetPassword", new Object[] { "THEUSERPASSWORD" });
}


blizzy (Author) commented:
Solved it....

It looks like AD LDS does not like the SetPassword command.  I found an article on how to do this in ldp.exe and adapted it for .NET:

My code now reads:

                newUser.Invoke("Put", new Object[] { "userpassword", "THEPASSWORD" });


Question has a verified solution.
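
A fuller version of the accepted approach, as an added example that is not the poster's code: it commits the new user first, writes the password through the `userPassword` attribute as in the answer above, reports the directory error hidden inside the `TargetInvocationException`, and deletes the half-created account if the password write fails. The class name, method name and all parameters are assumptions; the caller supplies the LDAP path and bind credentials.

```csharp
using System;
using System.DirectoryServices;
using System.Reflection;

public static class AdLdsProvisioning   // hypothetical helper, not from the page
{
    // containerPath: LDAP:// path of the target container on the AD LDS SSL port,
    // supplied by the caller together with the bind credentials.
    // commonName is assumed to be validated already; it goes into the RDN unescaped.
    public static void CreateUserWithPassword(
        string containerPath, string bindUser, string bindPassword,
        string commonName, string newPassword)
    {
        using (var container = new DirectoryEntry(containerPath, bindUser,
                   bindPassword, AuthenticationTypes.SecureSocketsLayer))
        using (DirectoryEntry user = container.Children.Add("CN=" + commonName, "user"))
        {
            // Create the object on the server before touching the password.
            user.CommitChanges();
            try
            {
                // Same attribute write as the accepted answer, sent as a modify.
                user.Invoke("Put", new object[] { "userPassword", newPassword });
                user.CommitChanges();
            }
            catch (Exception ex)
            {
                // Do not leave an account without a password behind.
                container.Children.Remove(user);
                // Invoke() wraps the real directory error; report that one.
                Exception cause = (ex as TargetInvocationException)?.InnerException ?? ex;
                throw new InvalidOperationException(
                    "Password write failed: " + cause.Message, cause);
            }
        }
    }
}
```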
