So my task was to reset passwords for folks, not have users reset their own passwords.
Finding information to do this was a bit daunting but after a few hours I erected working code and thought I would share.
Not the prettiest code but.....I hope this helps someone.
The function assumes that the website is using basic authentication and returns "Success" or an error message.
Protected Function SetUserPassword(ByVal userid As String)
Try
Dim newpassword as string = "summer"
Dim de As DirectoryEntry = New DirectoryEntry()
de.Path = "LDAP://<domain>/CN=Users,DC=<blah>,DC=<blah>,DC=<blah>"
de.Username = Request.ServerVariables("LOGON_USER")
de.Password = Request.ServerVariables("AUTH_PASSWORD")
de.AuthenticationType = AuthenticationTypes.Secure
Dim searcher As New System.DirectoryServices.DirectorySearcher()
searcher.Filter = "(&(objectClass=user)(objectCategory=person)(sAMAccountName=" & userid & "))"
searcher.PropertiesToLoad.Add("adspath")
Dim Result As System.DirectoryServices.SearchResult = searcher.FindOne()
Dim test As New DirectoryServices.DirectoryEntry(Result.Path)
Try
test.Invoke("setpassword", newpassword)
test.CommitChanges()
Catch err As Exception
Return err.Message
End Try
Catch ex As Exception
Return ex.Message
End Try
Return "Success"
When searching for an object in AD, the object potentially doesn't exist and thus the search will return a null value. Therefore, you should test the returned object for null before using it. Also, you can call SearchResult.GetDirectoryEntry to obtain the
DirectoryEntry associated with that search result. And don't forget to dispose all DirectorySearcher and DirectoryEntry objects after done.
Dim Result As System.DirectoryServices.SearchResult = searcher.FindOne()
If Result IsNot Nothing Then
Dim test AsNewDirectoryServices.DirectoryEntry = Result.GetDirectoryEntry Try test.Invoke("setpassword", newpassword) test.CommitChanges() test.Dispose() Catch err AsException Return err.Message Finally searcher.Dispose() EndTry
whoopes
Member
30 Points
25 Posts
How I Did It: VB.NET Domain Password Reset
Feb 20, 2007 04:48 PM|LINK
So my task was to reset passwords for folks, not have users reset their own passwords.
Finding information to do this was a bit daunting but after a few hours I erected working code and thought I would share.
Not the prettiest code but.....I hope this helps someone.
The function assumes that the website is using basic authentication and returns "Success" or an error message.
Protected Function SetUserPassword(ByVal userid As String) Try Dim newpassword as string = "summer" Dim de As DirectoryEntry = New DirectoryEntry() de.Path = "LDAP://<domain>/CN=Users,DC=<blah>,DC=<blah>,DC=<blah>" de.Username = Request.ServerVariables("LOGON_USER") de.Password = Request.ServerVariables("AUTH_PASSWORD") de.AuthenticationType = AuthenticationTypes.Secure Dim searcher As New System.DirectoryServices.DirectorySearcher() searcher.Filter = "(&(objectClass=user)(objectCategory=person)(sAMAccountName=" & userid & "))" searcher.PropertiesToLoad.Add("adspath") Dim Result As System.DirectoryServices.SearchResult = searcher.FindOne() Dim test As New DirectoryServices.DirectoryEntry(Result.Path) Try test.Invoke("setpassword", newpassword) test.CommitChanges() Catch err As Exception Return err.Message End Try Catch ex As Exception Return ex.Message End Try Return "Success"vcsjones
All-Star
34842 Points
4424 Posts
Moderator
MVP
Re: How I Did It: C# Domain Password Reset
Feb 20, 2007 05:19 PM|LINK
For those interested, here it is in C# with a few changes, but functionally identical.
public string SetUserPassword(string userid) { try { string newpassword = "summer"; DirectoryEntry de = new DirectoryEntry(); de.Path = "LDAP://<domain>/CN=Users,DC=<blah>,DC=<blah>,DC=<blah>"; de.Username = Request.ServerVariables("LOGON_USER"); de.Password = Request.ServerVariables("AUTH_PASSWORD"); de.AuthenticationType = AuthenticationTypes.Secure; DirectorySearcher searcher = new DirectorySearcher(); searcher.Filter = "(&(objectClass=user)(objectCategory=person)(SAMAccountName=" + userid + "))"; searcher.PropertiesToLoad.Add("adspath"); SearchResult Result = searcher.FindOne(); DirectoryEntry test = new DirectoryEntry(Result.Path); test.Invoke("SetPassword", newpassword); test.CommitChanges(); return "Success"; } catch (Exception e) { return e.Message; } }stanav
Member
2 Points
1 Post
Re: How I Did It: VB.NET Domain Password Reset
Nov 30, 2012 07:25 PM|LINK
When searching for an object in AD, the object potentially doesn't exist and thus the search will return a null value. Therefore, you should test the returned object for null before using it. Also, you can call SearchResult.GetDirectoryEntry to obtain the DirectoryEntry associated with that search result. And don't forget to dispose all DirectorySearcher and DirectoryEntry objects after done.