Re: ASP.NET ChangePassword error using ActiveDirectoryMembershipProvid
- From: "Joe Kaplan" <joseph.e.kaplan@xxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 5 Jun 2007 23:35:33 -0400
A lot of the time people get this error because the domain has a minimum
password length like 1 day or something and you have tried to change the
password more than once within that time period. It is a subtle problem
because everything else with the password looks fine. I've never seen that
error code lie though. It can just be a little misleading.
Joe K.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"MikeBiro" <MikeBiro@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:FCB00257-A8F5-48A6-9FE1-BFD3E0463F87@xxxxxxxxxxxxxxxx
I have an ASP.NET 2.0 site that I am using
ActiveDirectoryMembershipProvider
against Active Directory and forms authentication. I am using the drag and
drop controls from VS2005 for login, passwordRecovery, CreateUserWizard,
and
ChangePassword. I have extended the AD schema to allow for
passwordRecovery.
Everything works except changePassword. I can go into the AD and change
the
password for a user, but if I try through my web app, using a password of
the
proper length and complexity, I get an error returned saying 'The password
does not meet the password policy requirements. Check the minimum password
length, password complexity and password history requirements. (Exception
from HRESULT: 0x800708C5)' I have been struggling with this for days. Any
ideas? Here is my web.config:
<connectionStrings>
<add name="ADConnectionString"
connectionString="LDAP://11.134.6.2/OU=Customers,DC=pfweb,DC=net"/>
</connectionStrings>
<authentication mode="Forms">
<forms name=".ADAuthCookie" loginUrl="login.aspx"
defaultUrl="default.aspx" protection="All" timeout="30" path="/"
requireSSL="false" slidingExpiration="true" cookieless="UseDeviceProfile"
domain="" enableCrossAppRedirects="false">
<credentials passwordFormat="SHA1"/>
</forms>
</authentication>
<authorization>
<deny users="?"/>
<allow users="*"/>
</authorization>
<membership defaultProvider="ADMembershipProvider">
<providers>
<add name="ADMembershipProvider"
type="System.Web.Security.ActiveDirectoryMembershipProvider,
System.Web, Version=2.0.0.0,
Culture=neutral,
PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="ADConnectionString"
connectionUsername="myweb\auth_srv"
connectionPassword="ppassword"
attributeMapUsername="sAMAccountName"
enablePasswordReset="true"
requiresQuestionAndAnswer="true"
attributeMapPasswordQuestion="PennFoster-User-forgotpwdquestion"
attributeMapPasswordAnswer="PennFoster-User-forgotpwdanswer"
attributeMapFailedPasswordAnswerCount="PennFoster-User-failedanswercount"
attributeMapFailedPasswordAnswerTime="PennFoster-User-lastfailedanswertime"
attributeMapFailedPasswordAnswerLockoutTime="PennFoster-User-accountlockedtime"
requiresUniqueEmail="true"
enableSearchMethods="false"
minRequiredPasswordLength="7"
minRequiredNonalphanumericCharacters="1"
applicationName="biadmin"
/>
</providers>
</membership>
.
- References:
- Prev by Date: RE: Query AD for SIP users on a Specific Server
- Next by Date: Re: Query AD for SIP users on a Specific Server
- Previous by thread: ASP.NET ChangePassword error using ActiveDirectoryMembershipProvid
- Next by thread: How to export empty fields in LDIFDE or CSVDE?
- Index(es):
Relevant Pages
|
