LDAP SetPassword访问被拒绝

Question

以下代码工作了3个月,没有任何问题.从今天起我收到以下错误; "调用目标引发了异常"和内部异常; "访问被拒绝.(HRESULT异常:0x80070005(E_ACCESSDENIED)"

验证功能有效.这是我的功能;

public bool Authenticate(string strUserName, string strPassword)
    {
        bool authenticated = false;
        using (
                var entry = new DirectoryEntry("LDAP://myldapserver", strUserName + "@domain", strPassword,
                                               AuthenticationTypes.Secure))
        {
            try
            {
                object nativeObject = entry.NativeObject;
                authenticated = true;
            }
            catch (DirectoryServicesCOMException ex)
            {
                return false;
            }

        }
        return authenticated;
    }

和ChangePassword方法;

   public bool ChangePassword(string strUserName, string strOldPassword, string strNewPassword)
    {
        const long ADS_OPTION_PASSWORD_PORTNUMBER = 6;
        const long ADS_OPTION_PASSWORD_METHOD = 7;
        const int ADS_PASSWORD_ENCODE_REQUIRE_SSL = 0;
        const int ADS_PASSWORD_ENCODE_CLEAR = 1;
        string strPort = "636";
        int intPort;
        intPort = Int32.Parse(strPort);

        try
        {
            string strUserString = "domain" + @"\" + strUserName.Trim();

            var entry = new DirectoryEntry("LDAP://myldapserver", strUserString, strOldPassword,
                                           AuthenticationTypes.Secure);
            var search = new DirectorySearcher(entry);
            string strFilter = "(SAMAccountName=" + strUserName + ")";
            search.Filter = strFilter;
            SearchResult result = search.FindOne();
            DirectoryEntry user = result.GetDirectoryEntry();

            user.Invoke("SetOption", new object[] { ADS_OPTION_PASSWORD_PORTNUMBER, intPort });
            user.Invoke("SetOption", new object[] { ADS_OPTION_PASSWORD_METHOD, ADS_PASSWORD_ENCODE_CLEAR });
            **user.Invoke("SetPassword", new object[] { strNewPassword });**
            user.CommitChanges();
            user.Close();
        }

        catch (Exception exception)
        {
            string msg = exception.InnerException.Message;
            return false;
        }
        return true;
    }

它在我调用SetPassword属性时抛出expcetion.任何帮助将不胜感激.

Answer 1

这是例子：-

PrincipalContext pr = new PrincipalContext(ContextType.Domain, "corp.local", "OU=" + OU + ",OU=Users,dc=corp,dc=local", username, password);
UserPrincipal us = new UserPrincipal(pr);

更改密码

user.SetPassword("setPassword");

如果您希望用户在下次登录时更改密码，您可以这样使用。

user.ExpirePasswordNow();

这是您的完整代码：-

public static Boolean ResetPassword(string username, string password, string DomainId, string setpassword, Boolean UnlockAccount,Boolean NextLogon)
{
   PrincipalContext pr = new PrincipalContext(ContextType.Domain, "corp.local", "dc=corp,dc=local", username, password);
   UserPrincipal user = UserPrincipal.FindByIdentity(pr, DomainId);

   Boolean flag = false;
   if (user != null && user.Enabled == true)
    {
       if (UnlockAccount)
        {
          user.UnlockAccount();
        }
        user.SetPassword(setpassword);
        if (NextLogon)
        {
          user.ExpirePasswordNow();
        }
        user.Save();
        flag = true;
    }
    else
      {
         flag = false;
      }
    user.Dispose();
    pr.Dispose();
    return flag;
   }

我在这里找到了一篇很好的文章，如果你想按照你的方式使用它，请看这里，

http://www.primaryobjects.com/cms/article66.aspx