Re: Changing Password to an account that has to change password at first logon using System.DirectoryServices


From: Joe Kaplan (MVP - ADSI) (joseph.e.kaplan_at_removethis.accenture.com)
Date: 05/12/04


Date: Wed, 12 May 2004 10:28:11 -0500

That is a good question which is probably better posed to the interop
newsgroup than anywhere else. My assumption is that that CCW takes care of
that for you, but I don't know for sure.

Joe K.

"Ben Dewey" <AspiringMVP@hotmail.com> wrote in message
news:e%23blmCCOEHA.540@TK2MSFTNGP11.phx.gbl...
> Joe,
>
> Along these lines, if you are using some ActiveDs Objects in C#, ie.
> SecUtil and SecDescp Classes, what is the best way to dispose of them?
>
> "Joe Kaplan (MVP - ADSI)" <joseph.e.kaplan@removethis.accenture.com> wrote
> in message news:OjV98C6NEHA.3348@TK2MSFTNGP09.phx.gbl...
> > Also, you should really never bind to AD supplying credentials without
> > adding AuthenticationTypes.Secure to your DirectoryEntry constructor.
> > Otherwise you are using simple bind and credentials are passed in clear
> > text over the network.
> >
> > Additionally, it is always a good idea to call Dispose on all of the
> > IDisposable S.DS classes, DirectoryEntry, DirectorySearcher and
> > SearchResultCollection, or they will tend to leak memory. DirectoryEntry
> > is especially problematic because the Finalize method has a bug where it
> > doesn't release the underlying COM object (fixed in Whidbey). C# folks
> > can use the "using" construct.
> >
> > Joe K.
> >
> > "Ben Dewey" <ben.dewey@scientiae.com> wrote in message
> > news:%23bTbma4NEHA.556@TK2MSFTNGP10.phx.gbl...
> > > Fabrizio,
> > >
> > > Try the usr.Invoke("SetPassword", new object[]{"new password"});
> > >
> > > or I actually use:
> > >
> > > using System;
> > > using System.DirectoryServices;
> > >
> > > using ActiveDs;
> > >
> > > // LdapPath, LdapUser and LdapPassword are defined elsewhere.
> > > public static void ChangePassword(string username, string password)
> > > {
> > >     try
> > >     {
> > >         DirectoryEntry de = new DirectoryEntry(LdapPath, LdapUser,
> > >             LdapPassword);
> > >         DirectorySearcher search = new DirectorySearcher(de,
> > >             "(samAccountName=" + username + ")");
> > >         SearchResult result = search.FindOne();
> > >         // Get the DirectoryEntry for the user that was found
> > >         DirectoryEntry user = result.GetDirectoryEntry();
> > >         // Set Password and Enable Account
> > >         IADsUser objUser = (IADsUser)user.NativeObject;
> > >         objUser.SetPassword(password);
> > >     }
> > >     catch(Exception exp)
> > >     {
> > >         throw exp;
> > >     }
> > > }
> > >
> > > This doesn't require you to know the old password and might help resolve
> > > your authentication issues. That is, assuming you are authenticating to AD
> > > successfully. Let me know if this helps. If not, what line are you getting
> > > the error message on?
> > >
> > >
> > > "Fabrizio" <xxxfabrizio_viggianixxx@xxxhotmail.com> wrote in message
> > > news:eL6C833NEHA.680@TK2MSFTNGP11.phx.gbl...
> > > > (Sorry for the crosspost, but I really don't know which is the right
> > > > newsgroup!)
> > > > Hi all,
> > > >
> > > > I try to change the password of a user that has to change the password at
> > > > first logon:
> > > > try
> > > > {
> > > >     DirectoryEntry de = new DirectoryEntry();
> > > >     de.AuthenticationType = AuthenticationTypes.ServerBind |
> > > >         AuthenticationTypes.Secure;
> > > >     de.Path = "LDAP://10.0.50.20/cn=users,dc=newtesthp,dc=com";
> > > >     de.Username = "cn=fv,cn=users,dc=newtesthp,dc=com";
> > > >     de.Password = "fv";
> > > >     DirectorySearcher ds = new DirectorySearcher(de, "cn=fv");
> > > >     SearchResult sr = ds.FindOne();
> > > >     DirectoryEntry usr = sr.GetDirectoryEntry();
> > > >     usr.Invoke("ChangePassword",new object[]{"fv","12345qwert"});
> > > >     usr.CommitChanges();
> > > > }
> > > > catch(Exception e)
> > > > {
> > > >     Console.WriteLine(e.Message);
> > > > }
> > > >
> > > > I get an exception that says "Logon failure: unknown user name or bad
> > > > password" and it seems to me that I have
> > > > no way either to change the password or to distinguish a wrong credential
> > > > error from an error due to a disabled account or an expired password.
> > > >
> > > > Do you have any suggestion to solve this problem?
> > > >
> > > > Thanks
> > > >
> > > > Fabrizio
> > > >
> > > >
> > >
> > >
> >
> >
>
>


