oUser.Invoke("SetPassword",
New [Object]() {NewPassword})
oUser.Close()
EndSub'SetUserPassword
I know the call to GetDirectoryObject(LDAPDomain) works correctly because I use it to obtain other user and group properties that I can change and update
OK.
If it’s any help, the code fails with an innerException message of
"The network path was not found.”
I am at a loss here so any pointers will be greatly appreciated.
You will have to explain your setup a bit more to help you troubleshoot this. Impersonation? Explicit Credentials? How is IIS configured? Is this same domain, diff domain, etc? All of these things will come into play here.
I am passing explicit credentials - the server admin and the server is in the same domain.
Currently I am developing on a win2k machine and using the AD from the domain server which is running SBS 2003.
The application is an intranet. IIS 5 is currently running on the win2k box and the security is set to integrated windows, application protection set to low (IIS Process) and execute permissions set to scripts and executables.
The browser is IE6 and has the localhost set in the intranet zone.
I can do everything else such as view, add, remove and amend users and groups, it's only the setting of a user password that is causing me a problem.
Hope that's enough info.
Thanks
Terry.
The credentials you use must have permission to reset the user's password. Typically a local server admin will not have permission to use this functionality as it is limited to the domain admin. Since you are using Windows 2000, you are facing additional
challenges as well. Basically, Windows 2000 will completely ignore the explicit credentials you have put on the DirectoryEntry and instead use the credentials of the thread. Windows 2003 seems to do a better job of respecting your credential choice.
There is some code in there that might help you troubleshoot this issue. Personally, I think the best choice for you (if you want to use Windows 2000 for the IIS server, that is) is to pull the SetPassword code into a managed COM+ component and run it with
a service account that has permission to do what you wish. It is not too terribly difficult.
What you are saying makes sense. Ultimately, the solution will be running on an SBS2003 machine but I don't have access to run the project or develop from there just yet.
I have to work on something else for the next week, so I'll hopefully get back to this shortly and try your suggestions.
terryrey
Member
606 Points
136 Posts
Unable to set user password
Aug 03, 2005 11:04 AM|LINK
Hi,
I’ve gone through the posts in the forum and seen plenty of references to my problem, but cannot seem to find a solution that works.
I’m trying to allow an office administrator to change a users password in an ASP.NET page.
This is the code
Public Shared Sub SetUserPassword(ByVal UserName As String, ByVal NewPassword As String)
'get reference to user
Dim LDAPDomain As String = ADPath + "/CN=" + UserName + ",CN=Users,DC=TestDomain,DC=local"
Dim oUser As DirectoryEntry = GetDirectoryObject(LDAPDomain)
oUser.AuthenticationType = AuthenticationTypes.Secure
oUser.Invoke("SetPassword", New [Object]() {NewPassword})
oUser.Close()
End Sub 'SetUserPassword
I know the call to GetDirectoryObject(LDAPDomain) works correctly because I use it to obtain other user and group properties that I can change and update OK.
If it’s any help, the code fails with an innerException message of "The network path was not found.”
I am at a loss here so any pointers will be greatly appreciated.
Thanks
Terry.
dunnry
Star
9098 Points
1806 Posts
Re: Unable to set user password
Aug 03, 2005 05:57 PM|LINK
Weblog
The Book
LDAP Programming Help
terryrey
Member
606 Points
136 Posts
Re: Unable to set user password
Aug 03, 2005 06:39 PM|LINK
Hi Ryan thanks for the response.
I am passing explicit credentials - the server admin and the server is in the same domain.
Currently I am developing on a win2k machine and using the AD from the domain server which is running SBS 2003.
The application is an intranet. IIS 5 is currently running on the win2k box and the security is set to integrated windows, application protection set to low (IIS Process) and execute permissions set to scripts and executables.
The browser is IE6 and has the localhost set in the intranet zone.
I can do everything else such as view, add, remove and amend users and groups, it's only the setting of a user password that is causing me a problem.
Hope that's enough info.
Thanks
Terry.
dunnry
Star
9098 Points
1806 Posts
Re: Unable to set user password
Aug 04, 2005 02:36 PM|LINK
The credentials you use must have permission to reset the user's password. Typically a local server admin will not have permission to use this functionality as it is limited to the domain admin. Since you are using Windows 2000, you are facing additional challenges as well. Basically, Windows 2000 will completely ignore the explicit credentials you have put on the DirectoryEntry and instead use the credentials of the thread. Windows 2003 seems to do a better job of respecting your credential choice.
Have you read the following?:
http://forums.asp.net/316534/ShowPost.aspx
There is some code in there that might help you troubleshoot this issue. Personally, I think the best choice for you (if you want to use Windows 2000 for the IIS server, that is) is to pull the SetPassword code into a managed COM+ component and run it with a service account that has permission to do what you wish. It is not too terribly difficult.
Weblog
The Book
LDAP Programming Help
terryrey
Member
606 Points
136 Posts
Re: Unable to set user password
Aug 04, 2005 04:23 PM|LINK
Hi Ryan,
What you are saying makes sense. Ultimately, the solution will be running on an SBS2003 machine but I don't have access to run the project or develop from there just yet.
I have to work on something else for the next week, so I'll hopefully get back to this shortly and try your suggestions.
Thanks.
Terry.