Hello,
I want to allow users to change their passwords for local accounts. I programmed it on laptop with XP and it works fine but when using code on W2K it fails. I have dotNET FW 1.1 loaded and have modified the machine.config so processModel runs under SYSTEM. Also I have edited the local policy on the W2K machine to allow ASPNET account to 'Act as Part of OS' and rebooted it. I use impersonation, to an account with admin privileges, for the part of the code when the password is changed . I basically followed MS KB article 306271 and changed the part from adding a user to finding the user and then invoking the ChangePassword command. Web.config is set for windows authentication.


I have hard coded the user account and old & new passwords for testing purposes.

 


If impersonateValidUser("admin", ".", "123456") Then


        Try


          Dim AD As DirectoryEntry = _


            New DirectoryEntry("WinNT://" + Environment.MachineName + ",computer")


          Dim NewUser As DirectoryEntry = AD.Children.Find("TestUser1", "user")





          NewUser.Invoke("ChangePassword", New Object() {"1234", "4321"})


          NewUser.CommitChanges()


          'Dim grp As DirectoryEntry


          lblError.Text = "Your password was changed."


        Catch ex As Exception


          lblError.Text = ex.Message


        End Try


        undoImpersonation()


End If

When debugging, it always fails on the ChangePassword command and the error displayed is 'Exception has been thrown by the target of an invocation'. Any ideas on why W2K doesn't like it?
Thanks for any help you can provide,
Ray

Not sure you need to use impersonation here for the ASP.NET app. You can instead use the username and password that is passed from the user:

<%@ Assembly Name="System.DirectoryServices, Version=1.0.3300.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"%>


<%@ Import Namespace="System.DirectoryServices" %>





<HTML>


	<script language="C#" runat="server">


				


		void btnSubmit_Click(object Src, EventArgs E ) { 


			ChangePassword(txtLogin.Text, txtPassword.Text, txtNewPass.Text);


		} 





		private void ChangePassword(string username, string oldpass, string newpass)


		{


			string machineAndUser = Environment.MachineName + "\\" + username;


			string adsPath = String.Format("WinNT://{0}/{1}, user", Environment.MachineName, username);


		


			DirectoryEntry user = new DirectoryEntry(adsPath, machineAndUser, oldpass, AuthenticationTypes.Secure);


			try


			{


				user.Invoke("ChangePassword", new object[]{oldpass, newpass});


				lblMessage.Text = "Success";


			}


			catch(Exception ex)


			{


				string message = ex.Message;


				


				while((ex = ex.InnerException) != null)


				{


					message += ":: " + ex.Message; 


				}


				


				lblMessage.Text = message;


			}


			finally


			{


				user.Dispose();


			}


		}





	</script>


	<body>


		<form runat="server">


			<table>


				<tr>


					<td>User Login</td>


					<td><asp:textbox id="txtLogin" runat="server"/></td>


				</tr>


				<tr>


					<td>Password</td>


					<td><asp:textbox id="txtPassword" runat="server"/></td>


				</tr>


				<tr>


					<td>New Password</td>


					<td><asp:textbox id="txtNewPass" runat="server"/></td>


				</tr>


				<tr>


					<td colspan="2"><asp:button id="btnSubmit" runat="server" OnClick="btnSubmit_Click" Text="Change" /></td>


				</tr>


			</table>


			<asp:label id="lblMessage" runat="server"/>


		</form>


	</body>


	


</HTML>

Just run this page and it should work to reset password for any local machine accounts.

Ryan,

Excellent piece of code. I was searching for this functionality for a while......Thanks a lot....

Ryan, thanks for the response. Since I'm using VB.net, I ran your code through a translator.
I don't understand this statement and therefore, how to convert it to VB.net:

<%@ Assembly Name="System.DirectoryServices, Version=1.0.3300.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"%>

I really appreciate your help,
Thank you.

This statement is language neutral (you can leave, as is). If you are using VS.NET, you can remove it and just reference System.DirectoryServices.dll from your project. All it is doing is telling the page to reference the System.DirectoryServices assembly from the GAC. I only included it here so that the entire page would be one self-contained solution and not require VS.NET to other people that might not be using it.

Thanks for your help. It works great.

Can someone give the VB.Net code for this? I need to change the password from a vb.net application.