This is the code I use to change a password on AD:
```csharp
using System;
using System.Configuration;
using System.DirectoryServices;

public bool ChangePasswordAD(string strLogin, string strOldPasswd, string strNewPasswd)
{
    try
    {
        string domainAndUsername = "aloha.com" + @"\" + strLogin;
        // The directory bind is made as the user, with the old password.
        using (DirectoryEntry entry = new DirectoryEntry(ConfigurationManager.AppSettings["LDAPpath"].ToString(), domainAndUsername, strOldPasswd, AuthenticationTypes.Secure))
        using (DirectorySearcher searcher = new DirectorySearcher(entry))
        {
            // Escape LDAP filter metacharacters (RFC 4515) before building the filter;
            // the backslash must be escaped first.
            string safeLogin = strLogin.Replace("\\", "\\5c").Replace("*", "\\2a").Replace("(", "\\28").Replace(")", "\\29").Replace("\0", "\\00");
            // Use the value of strLogin, not the literal text "strLogin".
            searcher.Filter = "(&(objectCategory=person)(objectClass=user)(sAMAccountName=" + safeLogin + "))";
            SearchResult objResult = searcher.FindOne();
            if (objResult == null)
            {
                return false; // no such user, so nothing was changed
            }
            using (DirectoryEntry objLoginEntry = objResult.GetDirectoryEntry())
            {
                objLoginEntry.Invoke("ChangePassword", new object[] { strOldPasswd, strNewPasswd });
                objLoginEntry.CommitChanges();
            }
        }
    }
    catch (Exception)
    {
        // Any failure (bind, search, or password change) is reported as false.
        return false;
    }
    return true;
}
```
If the Admin creates a user and doesn't check "User must change password the next logon", then the user can change the password successfully from the client, without error.
But if the Admin creates a user and checks "User must change password the next logon", then the user can't change the password.
I know what causes the error: when "User must change password the next logon" is checked, the user has to change it immediately in the sign-in window, and use the new password to log in instead of the old password.
How can I deal with this problem?
Thank you.
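One common way to handle the case described in the post, shown here as an added example that is not part of the original post: bind to the directory with a separate low-privilege service account instead of the user's old password, then let `UserPrincipal.ChangePassword` present the old and new passwords to the domain controller. The appSettings keys `ADDomain`, `SvcAccountUser` and `SvcAccountPassword`, the class name and the result enum are assumptions made for this sketch.

```csharp
using System;
using System.Configuration;
using System.DirectoryServices.AccountManagement;

// Hypothetical result type for this example.
public enum PasswordChangeResult { Changed, UserNotFound, Rejected }

public static class AdPasswordChanger
{
    public static PasswordChangeResult ChangePassword(string login, string oldPassword, string newPassword)
    {
        // Assumed configuration keys (not from the original post). Keep the service
        // account secret in a protected configuration section, and give the account
        // read access only: the old password is what authorizes the change.
        string domain = ConfigurationManager.AppSettings["ADDomain"];
        string svcUser = ConfigurationManager.AppSettings["SvcAccountUser"];
        string svcPass = ConfigurationManager.AppSettings["SvcAccountPassword"];

        // Bind as the service account, so the lookup does not depend on the
        // user being able to log on with the old password.
        using (var ctx = new PrincipalContext(ContextType.Domain, domain, svcUser, svcPass))
        using (var user = UserPrincipal.FindByIdentity(ctx, IdentityType.SamAccountName, login))
        {
            if (user == null)
            {
                return PasswordChangeResult.UserNotFound;
            }
            try
            {
                // A change (not an administrative reset): the old password is
                // verified by the domain controller as part of the operation.
                user.ChangePassword(oldPassword, newPassword);
                return PasswordChangeResult.Changed;
            }
            catch (PasswordException)
            {
                // Wrong old password, or the new one violates the password policy.
                return PasswordChangeResult.Rejected;
            }
        }
    }
}
```

Show callers the same message for `UserNotFound` and `Rejected`, so the form cannot be used to test which account names exist.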