kishan66
asked on
ASP.NET, Exception-: "Change Password " Active Directory
Hi,
I am trying to allow Users to change Password.
but getting this Exception in the process...after the User is Authenticated
"Unknown Name.... Exception from HRESULT:....
(Same Error as per this Ref..)
https://www.experts-exchange.com/questions/26822122/Change-Password-of-Active-Directory-user-using-C.html
Uisng C#.net, ASP.NET 2.0
if (adAuth_pwd.IsAuthenticated(username, pwd))
{
DirectoryEntry entry = new DirectoryEntry(_path, username, pwd);
try
{
entry.Invoke("ChangePassword", new object[] { pwd, ChangePassword2.NewPassword });
}
catch (Exception ex)
{
throw new Exception("Error changing password." + ex.Message);
}
}
I'd wager your _path is incorrect. I believe the path to the user should look like LDAP://CN=John Doe,OU=Users,OU=Marketing, OU=Califor nia,DC=dom ain,DC=loc al
Here's an option if you want to search the ActiveDirectory for a particular username:
string username = "jdoe";
DirectorySearcher searcher = new DirectorySearcher("(&(objectCategory=person)(objectClass=user)(sAMAccountName=" + username + "))");
SearchResult result = searcher.FindOne();
if (result != null)
{
DirectoryEntry userEntry = result.GetDirectoryEntry();
userEntry.Invoke("ChangePassword", new object[] { "oldpw", "newpw" });
Console.WriteLine("Password Changed");
}
else
Console.WriteLine("User not found.");
Console.ReadKey();
Here's another option using a the WinNT provider:
string username = "jdoe";
DirectoryEntry userEntry = new DirectoryEntry("WinNT://domain.com/" + username + ",user");
try
{
userEntry.Invoke("ChangePassword", new object[] { "oldpw", "newpw" });
Console.WriteLine("Password changed.");
}
catch (COMException ex)
{
if (ex.ErrorCode == -2147022675)
Console.WriteLine("Could not find user.");
}
Console.ReadKey();
ASKER
Hi tgerbert,
"_path" in above case works perfectly fine. As mentioned, i could authenticate the user.
Only After Authentication successful, user can change Password.
getting Exception after Authentication successful.
entry.Invoke("ChangePasswo rd", new object[] { pwd, ChangePassword2.NewPasswor d });
"_path" in above case works perfectly fine. As mentioned, i could authenticate the user.
Only After Authentication successful, user can change Password.
getting Exception after Authentication successful.
entry.Invoke("ChangePasswo
So "_path" contains the complete path to the user (i.e. it starts with LDAP://CN=The Users Name)?
If you write DirectoryEntry entry = new DirectoryEntry("LDAP://OU= domain,OU= com", "someusername", "thecorrectpassword") then entry will be a DirectoryEntry object that represents the domain, not "someusername", and since there is no "ChangePassword" for the domain's root you get the error.
Can you put a breakpoint in your program and tell me what, exactly, is in "_path"?
If you write DirectoryEntry entry = new DirectoryEntry("LDAP://OU=
Can you put a breakpoint in your program and tell me what, exactly, is in "_path"?
ASKER
Hi tgerbert,
i modified my code little bit ...now i get new Exeption...
But i does satisfy the IF condition ...
"Error changing password.Exception has been thrown by the target of an invocation"
i modified my code little bit ...now i get new Exeption...
But i does satisfy the IF condition ...
"Error changing password.Exception has been thrown by the target of an invocation"
DirectoryEntry entry = new DirectoryEntry(_path);
try
{
DirectorySearcher searcher = new DirectorySearcher(entry, username);
searcher.Filter = "(SAMAccountName=" + username + ")";
SearchResult result = searcher.FindOne();
if(result != null)
{
DirectoryEntry userEntry = result.GetDirectoryEntry();
userEntry.Invoke("ChangePassword", new object[] { pwd, ChangePassword2.NewPassword });
}
catch (Exception ex)
{
throw new Exception("Error changing password." + ex.Message);
}
ASKER
_path = "LDAP://xx.com";
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
ASKER
Hi tgerbert,
So you mean to say " we have to pass the userId & pwd of the Admin who has password update permissions"? are you sure?
because, if in future we change the Admin password ...our code /Application will fail, right?
i read , if we are using SetPassword, in that case i have to use the Admin User& Password in the DirectoryEntry.
Pls correct me if wrong...
So you mean to say " we have to pass the userId & pwd of the Admin who has password update permissions"? are you sure?
because, if in future we change the Admin password ...our code /Application will fail, right?
i read , if we are using SetPassword, in that case i have to use the Admin User& Password in the DirectoryEntry.
Pls correct me if wrong...
Not necassarily. The username/password you pass to the DirectoryEntry constructor (line 3 in my snippet above http:#a35235475) must correspond to a user who has permission to change the password of "username." If you omit the username/password, then the user who's currently running the program will automatically be used. If the person running your program is already an administrator, don't pass anything for the username & password.
Normally there are two people who can change a user's password: 1) the user himself (you can change your own password), or 2) an administrator.
Normally there are two people who can change a user's password: 1) the user himself (you can change your own password), or 2) an administrator.
ASKER
Hi tgerbert,
I'm really sorry for bothering you for small issue.
I tried the same code as suggested by you in (http:#a35235475) by passing Admin username & Password. infact i tried below codes
string pwd = ChangePassword2.CurrentPas sword;
a) result.GetDirectoryEntry() .Invoke("C hangePassw ord", pwd, ChangePassword2.NewPasswor d );
b) result.GetDirectoryEntry() .Invoke("C hangePassw ord",new object[] { pwd, ChangePassword2.NewPasswor d });
In both cases i get the Exception:
its kind of frustrating....
I'm really sorry for bothering you for small issue.
I tried the same code as suggested by you in (http:#a35235475) by passing Admin username & Password. infact i tried below codes
string pwd = ChangePassword2.CurrentPas
a) result.GetDirectoryEntry()
b) result.GetDirectoryEntry()
In both cases i get the Exception:
Error changing password.Exception has been thrown by the target of an invocation.
its kind of frustrating....
ASKER
tgerbert,
When i used InnerException.Message .. i got this below exception
"Error changing password.A constraint violation occurred"
When i used InnerException.Message .. i got this below exception
"Error changing password.A constraint violation occurred"
Your password must not have conformed to your network's Password Policies. Too short, too long, was previously used, was changed too recently, etc.
ASKER
Hi Tgerbert,
i'm so sorry for the late reply ..as i was held up with other tasks...
Anay ways, i could not resolve the issue.
Dont know whether i can get back to the same question or not?
For know i will close it...
Thanks
i'm so sorry for the late reply ..as i was held up with other tasks...
Anay ways, i could not resolve the issue.
Dont know whether i can get back to the same question or not?
For know i will close it...
Thanks