Link to home
Start Free TrialLog in
Avatar of gautam_reddyc
gautam_reddyc

asked on

LDAP- Force the user to change password

i have the code to reset the user password in the Active Directory..

How to force the user to change the password after the first logon...
Please help..
Also, is there a way to track if the user changed password more than three times in a day..
Thank You...
Avatar of rasantoro
rasantoro

Try this...

dsquery user OU=test,DC=mydomain,DC=local | dsmod user
-mustchpwd yes

I am not sure about tracking the number of password changes.
Avatar of gautam_reddyc

ASKER

hi rasantoro,
   i didnt understand your solution.. Is it a C# code?

 I used the following code to unlock and reset password...

de.Properties["LockOutTime"].Value = 0x0000;

de.Invoke("SetPassword", new object[] { newPassword });

I just need the C# code to force the user to change the password after first logon..

Thank You..
Hi there,
Try...
de.Properties["pwdLastSet"].Value = 0
By setting 'pwdLastSet' this effectively will force the user to change on next login.
Tony
With regards to tracking the change, how about simply setting a minimum password age in AD to restrict how frequently they can do this?
On a domain linked GPO with your account policies:
Computer Configuration > Windows Settings > Security Settings > Account Policies > Password Policy > "Minimum Password Age"
Tony
ASKER CERTIFIED SOLUTION
Avatar of AnoopChandran
AnoopChandran

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
bluntTony, got it... iam able to force user to change pwd after theire first logon..
Do you know how to keep track of users changing their passwords... Thank You..
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
what do we use to retrieve password from AD to check if it has been reset?

string password = de.Properties["userPassword"].Value.ToString(); ??
Hi Anoop,
      Your suggestions are definately helpfull..Thank You Very Much..
      However, i dont want to close this question yet..
   
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
hi bluntTony,
   Thanks for your reply.. that's a better option..

   When i run the code to reset pwd it runs fine... how to confirm if the password has been changed??
oops , thanks for your reply and sorry to not read carefully .... :)