Howdy:

According toseveral many other forums, there seems to be a consistent issue with the Invoke("SetPassword, string password) in DirectoryEntry, in that it does not work! Any clues as to how to work through this problem?The code below throws an exception every time..."server is unwilling to processs the request".

As suggested in many forums, re-arranging the CommintChanges and order of operations was no help either. With the WinNT providerthis works like a champ, but LDAP no workie.

This failsagainst 2kand 2k3 domains...I am domain admin in both running from an XP system that is logged into the domain when it is run.

private void createUser()
{
DirectoryEntry adEntry = new DirectoryEntry("LDAP://mydomain");
DirectoryEntry userEntry = adEntry.Children.Add("BobUser", "User");
userEntry.Invoke("Put", new object[] { "Description", "User Description"});
userEntry.CommitChanges();
userEntry.Invoke("SetPassword", new object[] { "12345Abcd#" });
userEntry.CommitChanges();
}

Thanks in advance if anyone can point out my errors.

hagan3

setPassword has been driving me crazy too, but for different reasons. I had my domain admin create an account operator account for my .NET Web service to use and by passing the userid/pw into the DirectoryEntry constructor it works. Here is the code I am using (VB.NET) I think I found it on google. Hope this helps-

searchRoot = New DirectoryEntry(String.Format("LDAP://{0}/{1}", strDomainController, rootDN), strServiceAccountUserID, strServiceAccountPassword, AuthenticationTypes.Secure Or AuthenticationTypes.Sealing Or AuthenticationTypes.ServerBind)
searcher = New DirectorySearcher(searchRoot)
searcher.Filter = String.Format("sAMAccountName={0}", username)
searcher.SearchScope = SearchScope.Subtree
searcher.CacheResults = False
results = searcher.FindAll()

For Each result In results
userEntry = result.GetDirectoryEntry()
Exit For
Next

If userEntry Is Nothing Then
Throw New InvalidOperationException("User not found in this domain.")
End If

userEntry.Invoke("setPassword", New Object() {newPassword})
userEntry.CommitChanges()

My problem is I am trying to run this code in a Web service and can't seem to get it to work consistently. I can run this successfully on a machine that is not part of any domain and as something as restricted as the IUSR account. However, within the production domain I can't run it unless I elevate the rights for the virtual directory. There is a lot of discussion on forums.asp.net regarding setPassword which you might want to read as well.

Your code should look like the following. You need to add CN= to the username. This is not neccessary with the Winnt Provider but required for LDAP. It would also be better to use the properties property to set the User Description rather than through invoke,

private void createUser()
{
DirectoryEntry adEntry = new DirectoryEntry("LDAP://mydomain");
DirectoryEntry userEntry = adEntry.Children.Add("CN=BobUser", "User"}
userEntry.Properties["Description"].Add("User Description");
userEntry.CommitChanges();
userEntry.Invoke("SetPassword", new object[] { "12345Abcd#" });
userEntry.CommitChanges();
}

setPassword has been driving me crazy too, but for different reasons. I had my domain admin create an account operator account for my .NET Web service to use and by passing the userid/pw into the DirectoryEntry constructor it works. Here is the code I am using (VB.NET) I think I found it on google. Hope this helps-

searchRoot = New DirectoryEntry(String.Format("LDAP://{0}/{1}", strDomainController, rootDN), strServiceAccountUserID, strServiceAccountPassword, AuthenticationTypes.Secure Or AuthenticationTypes.Sealing Or AuthenticationTypes.ServerBind)
searcher = New DirectorySearcher(searchRoot)
searcher.Filter = String.Format("sAMAccountName={0}", username)
searcher.SearchScope = SearchScope.Subtree
searcher.CacheResults = False
results = searcher.FindAll()

For Each result In results
userEntry = result.GetDirectoryEntry()
Exit For
Next

If userEntry Is Nothing Then
Throw New InvalidOperationException("User not found in this domain.")
End If

userEntry.Invoke("setPassword", New Object() {newPassword})
userEntry.CommitChanges()

My problem is I am trying to run this code in a Web service and can't seem to get it to work consistently. I can run this successfully on a machine that is not part of any domain and as something as restricted as the IUSR account. However, within the production domain I can't run it unless I elevate the rights for the virtual directory. There is a lot of discussion on forums.asp.net regarding setPassword which you might want to read as well.

Your code should look like the following. You need to add CN= to the username. This is not neccessary with the Winnt Provider but required for LDAP. It would also be better to use the properties property to set the User Description rather than through invoke,

private void createUser()
{
DirectoryEntry adEntry = new DirectoryEntry("LDAP://mydomain");
DirectoryEntry userEntry = adEntry.Children.Add("CN=BobUser", "User"}
userEntry.Properties["Description"].Add("User Description");
userEntry.CommitChanges();
userEntry.Invoke("SetPassword", new object[] { "12345Abcd#" });
userEntry.CommitChanges();
}