venkatkri5h
Guest
Code snippet that works using AD DS credentials. The same doesn't work when provided with AD LDS credentials (throws an incorrect username or password exception).
const long ADS_OPTION_PASSWORD_PORTNUMBER = 6;
const long ADS_OPTION_PASSWORD_METHOD = 7;
const int ADS_PASSWORD_ENCODE_REQUIRE_SSL = 0;
const int ADS_PASSWORD_ENCODE_CLEAR = 1;
int intPort = Int32.Parse(port1); // port1 is the port the AD LDS server runs on
String Path = "LDAP://" + dc1 + ":" + port1 + "/" + ResetUserDN;
AuthenticationTypes authtype = AuthenticationTypes.Signing | AuthenticationTypes.Sealing | AuthenticationTypes.Secure;
DirectoryEntry compEntries = new DirectoryEntry(Path, UserName, Password, authtype);
// Set the port for the password operation and select the clear (non-SSL) password method
compEntries.Invoke("SetOption", new object[] { ADS_OPTION_PASSWORD_PORTNUMBER, intPort });
compEntries.Invoke("SetOption", new object[] { ADS_OPTION_PASSWORD_METHOD, ADS_PASSWORD_ENCODE_CLEAR });
compEntries.RefreshCache();
compEntries.Invoke("SetPassword", new object[] { password });
Below is the code that works when SSL is set up for AD LDS and uses AD LDS credentials.
String Path = "LDAP://" + dc1 + ":" + port1 + "/" + ResetUserDN;
DirectoryEntry compEntries = new DirectoryEntry(Path, UserDN, Password, AuthenticationTypes.SecureSocketsLayer);
compEntries.Invoke("SetPassword", new object[] { password });
Is there an alternative way to reset the password without having to set up SSL for AD LDS, as I cannot ask the customer to set up SSL for AD LDS? The only other way I could get to bind to AD LDS using AD LDS credentials was by using AuthenticationTypes.None, and I could not set the password using that DirectoryEntry object (exception Ox8000500Directory property cannot be found in cache).
Tried this (below) to disable the "Password operations over ldaps only" policy in Active Directory, but it doesn't work for me.
C:\Windows\system32>dsmgmt
dsmgmt: ds behavior
AD DS/LDS behavior: connections
server connections: connect to server localhost
Binding to localhost ...
Connected to localhost using credentials of locally logged on user.
server connections: quit
AD DS/LDS behavior: allow passwd op on unsecured connection
Successfully modified DS Behavior to reset password over unsecured network.
AD DS/LDS behavior: list current ds-behavior
Password operations on unsecured connection: Allowed.
AD DS/LDS behavior: quit
dsmgmt: quit
Any help would be much appreciated. Thanks in advance!!