EDN Admin
Well-known member
I have C# web app utilizing AD LDS for authentication. Have all things worked out (authenticate, add user, search users...) but am unable to reset a users password. I found that there is a default setting in LDS that does not allow password reset
over insecure connection. So I changed this value to "<span class="x_x_x_ft allow passwd op on unsecured connection".
Note this is a temporary stop-gap.
<span class="x_x_x_ft However, this did not improve my results. Still cannot change password. Here is my code:
<pre class="prettyprint de = new DirectoryEntry(ConfigurationManager.AppSettings["ldap"] + ConfigurationManager.AppSettings["ldapDNroot"]);
deSearch = new DirectorySearcher();
deSearch.SearchRoot = de;
deSearch.Filter = "(&(objectClass=user) (cn=" + username + "))";
SearchResult result = deSearch.FindOne();
if (result != null)
{
deUser = new DirectoryEntry(result.Path);
deUser.AuthenticationType = AuthenticationTypes.None;
deUser.Username = @"CN=adminuser,CN=Roles,CN=webapp1,DC=xxxx,DC=yyyy";
deUser.Password = @"userpass";
deUser.Invoke("SetPassword", new object[] { newpassword });
deUser.Properties["LockOutTime"].Value = 0;
deUser.CommitChanges();
}[/code]
The Username and Password being set to gain auth are definitely valid and this user is in Admin group. So it would seem that LDS is still not allowing this over unsecured connection or there is something wrong with how I am formatting/setting the auth
credentials.
Process is dying on deUser.Invoke. All prior lines are successful and have good objects. Error is "Exception has been thrown by the target of an invocation.". But I have learned that this generally means no auth to complete task.
Appreciate any suggestions.
Thanks PPJJ
<span class="x_x_x_ft
<br/>
<br/>
View the full article
over insecure connection. So I changed this value to "<span class="x_x_x_ft allow passwd op on unsecured connection".
Note this is a temporary stop-gap.
<span class="x_x_x_ft However, this did not improve my results. Still cannot change password. Here is my code:
<pre class="prettyprint de = new DirectoryEntry(ConfigurationManager.AppSettings["ldap"] + ConfigurationManager.AppSettings["ldapDNroot"]);
deSearch = new DirectorySearcher();
deSearch.SearchRoot = de;
deSearch.Filter = "(&(objectClass=user) (cn=" + username + "))";
SearchResult result = deSearch.FindOne();
if (result != null)
{
deUser = new DirectoryEntry(result.Path);
deUser.AuthenticationType = AuthenticationTypes.None;
deUser.Username = @"CN=adminuser,CN=Roles,CN=webapp1,DC=xxxx,DC=yyyy";
deUser.Password = @"userpass";
deUser.Invoke("SetPassword", new object[] { newpassword });
deUser.Properties["LockOutTime"].Value = 0;
deUser.CommitChanges();
}[/code]
The Username and Password being set to gain auth are definitely valid and this user is in Admin group. So it would seem that LDS is still not allowing this over unsecured connection or there is something wrong with how I am formatting/setting the auth
credentials.
Process is dying on deUser.Invoke. All prior lines are successful and have good objects. Error is "Exception has been thrown by the target of an invocation.". But I have learned that this generally means no auth to complete task.
Appreciate any suggestions.
Thanks PPJJ
<span class="x_x_x_ft
<br/>
<br/>
View the full article