Results 1 to 4 of 4

Thread: Changing passwords in the Active Directory with a web app.

  1. #1

    Thread Starter
    Fanatic Member
    Join Date
    Jun 2002
    Posts
    586

    Changing passwords in the Active Directory with a web app.

    We need to change passwords in the Active Directory with a web app.

    This functionality worked OK for us with classic ASP and IIS 6.

    We are now switching to Windows Server 2008 and IIS 7.

    We noticed when we did that, that there were issues with changing password, specifically that, apparently, the code is acting like the user that is making the password change is trying to do it with their own authority, and thus they get an access denied error. This seems to be the case since when some admins change their password it works, but for our test users it doesn't work anymore like it does on the IIS 6 server.

    I know that IIS 7 is its own animal, and I am wondering if anyone has any ideas what the solution might be?

    Here is the code we are trying to get to work. I realize the issue may not be the code but the IIS settings, but we have tried a number of things to no avail. For the users it fails with, it gets an access denied once it gets to the "Invoke" call, 2nd line from the last. Please let me know if any ideas. Thanks!

    Jim

    Code:
    			try
    			{
    				DirectorySearcher search = new DirectorySearcher(strLDAPDomain);
    				//search.Filter = "(&(sAMAccountName=" + strUserId + ")(mail=" + strEmail + "));sAMAccountName;subtree";// 
    				search.Filter = "(&(sAMAccountName=" + strUserId + ")(mail=" + strEmail + "))";	//(mail=" + strEmail + ")
    				var propertiesToLoad = new[] 
    				  { 
    					  "SAMAccountName", 
    					  "mail" 
    				  };
    				search.PropertiesToLoad.AddRange(propertiesToLoad);
    				
    				SearchResult searchEntry = search.FindOne();
    				
    
    				if (searchEntry != null)
    				{
    					Random random = new Random();
    					string temp = "";
    					while (temp.Length<9)
    					{
    						temp = temp + ((char)('A' + random.Next(0, 25))).ToString();
    						temp = temp + ((char)('a' + random.Next(0, 25))).ToString();
    						temp = temp + ((char)('0' + random.Next(0, 9))).ToString();
    
    						temp = temp.Replace(".", "");
    						temp = temp.Replace("-", "");
    					}
    
    					try
    					{		
    						DirectoryEntry myDirectoryEntry = new DirectoryEntry(@"WinNT://" + strDomain + "/" + strUserId + ", user");
    						myDirectoryEntry.RefreshCache();
    
    						myDirectoryEntry.Invoke("SetPassword", new object[] { temp });
    						myDirectoryEntry.CommitChanges();

  2. #2

    Thread Starter
    Fanatic Member
    Join Date
    Jun 2002
    Posts
    586

    Re: Changing passwords in the Active Directory with a web app.

    Please noboby get whiplash by responding too quick with a suggestion. :-)

    Jim

  3. #3
    Hyperactive Member
    Join Date
    Jan 2010
    Posts
    259

    Re: Changing passwords in the Active Directory with a web app.

    Is the context the web application running under allowed to change AD settings?

  4. #4

    Thread Starter
    Fanatic Member
    Join Date
    Jun 2002
    Posts
    586

    Re: Changing passwords in the Active Directory with a web app.

    What context should it be and how should we set it? Also, it is not currently a web application but an empty web page in c#.

    Jim

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Click Here to Expand Forum to Full Width