hi,
does anyone know if it is possible to remove an attribute that can not
be read into the ADSI property cache/collection.
i'm trying to do an eDirectory password change from .net directory
services. eDirectory uses the "userPasswo rd" property to change the
password and for a normal user, this has to be deleted and then added
to in one LDAP modify operation to successfully change the password. As
far as i know eDirectory schema does not allow this property to be
read.
i've tried doing the following, but it seems only the Add operation is
sent to the eDir server.
DirectoryEntry ldapConnection = // set to the exact user, authenticated
with old password
_ldapConnection .RefreshCache() ;
_ldapConnection .Properties["userPasswo rd"].Remove(oldPass word);
_ldapConnection .Properties["userPasswo rd"].Add(newPasswor d);
_ldapConnection .CommitChanges( );
i've contacted the novell support forums and they suggested to check if
there's an ADSI limitation that's affecting this.
if anyone's come across this issue before or can shed some light on if
it can be done, that'll be very much appreciated.
regards
chat
3  2221 
I don't think so. ADSI doesn't want to remove items that aren't in the
property cache, so it will be difficult to convince it to do this. I don't
think you can even do it with ADSI and PutEx as the same limitation applies.
This is actually one of the reasons ADSI needs a ChangePassword method on
IADsUser. LDAP password modifications in AD have similar limitations.
You can do this with S.DS.Protocols in .NET 2.0 though. It is a little more
work, but isn't too bad. There is a sample of doing something similar in
ch. 10 of our book, which you can get as a free download. It is designed
for AD with the unicodePwd attribute which takes a special syntax, but you
can simplify it to do what you want.
HTH,
Joe K.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming" http://www.directoryprogramming.net
--
<ch********@hot mail.com> wrote in message
news:11******** **************@ j33g2000cwa.goo glegroups.com.. . hi,
does anyone know if it is possible to remove an attribute that can not
be read into the ADSI property cache/collection.
i'm trying to do an eDirectory password change from .net directory
services. eDirectory uses the "userPasswo rd" property to change the
password and for a normal user, this has to be deleted and then added
to in one LDAP modify operation to successfully change the password. As
far as i know eDirectory schema does not allow this property to be
read.
i've tried doing the following, but it seems only the Add operation is
sent to the eDir server.
DirectoryEntry ldapConnection = // set to the exact user, authenticated
with old password
_ldapConnection .RefreshCache() ;
_ldapConnection .Properties["userPasswo rd"].Remove(oldPass word);
_ldapConnection .Properties["userPasswo rd"].Add(newPasswor d);
_ldapConnection .CommitChanges( );
i've contacted the novell support forums and they suggested to check if
there's an ADSI limitation that's affecting this.
if anyone's come across this issue before or can shed some light on if
it can be done, that'll be very much appreciated.
regards
chat
thanks for the info joe, as you mentioned i had tried doing the PutEx
as well and that didn't work either.
unfortunately we can't take the .net 2.0 path at the moment so we'll
have to find a work around this.
chat
In that case, you are kind of screwed. You'll need your own direct LDAP API
wrapper of some sort.
I used to have one that worked ok that was a p/invoke wrapper around
wldap32, but it did have some weird memory issues at times. If you really
wanted to look at it, I might be able to dig it up, but there aren't really
any docs or samples for it.
Best of luck,
Joe K.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming" http://www.directoryprogramming.net
--
<ch********@hot mail.com> wrote in message
news:11******** **************@ j55g2000cwa.goo glegroups.com.. . thanks for the info joe, as you mentioned i had tried doing the PutEx
as well and that didn't work either.
unfortunately we can't take the .net 2.0 path at the moment so we'll
have to find a work around this.
chat This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: Ronald Wunderlich |
last post by:
Hi,
My first Question: can db2 (db2ckpw) ask over pam_ldap my edirectory
ldap server for user authentication?
The scenario: 1. computer suse linx enterprise server 8(SLES8) and
edirectory 7.8.3
2. computer sles8 db2 with pam_ldap ( the user
authentication on kde, on ssh, radius with ladp ...
works fine. I see all user with getent...
|
by: Corne Grotius |
last post by:
Hiya,
I'm trying to create a new site on IIS 6.0 using ADSI and C# using the
following code:
DirectoryEntry W3SVC = new DirectoryEntry("IIS://" + ServerName +
"/w3svc", Username, Password, AuthenticationTypes.Secure);
DirectoryEntries sites = W3SVC.Children;
DirectoryEntry newSite = sites.Add("1234","IIsWebServer"); //create
a new site
|
by: Henrik |
last post by:
Hi,
I am trying to autheticate a user in ldap and get a list of all the groups
the the use is a member of. My problem is that i only get one groups from the
request, although i know i am memeber of several groups.
Can anyone see what i am doing wrong here?
public bool IsAuthenticated(string domain, string username, string pwd)
{
|
by: CodeRazor |
last post by:
I need to retrieve a list of groups from Active Directory.
Then i need to retrieve a list of users from a group.
I'm unfamiliar with Active Directory objects.
Can i connect to Active Directory with LDAP, without specifying a particular
group?
How can i retrieve a list of groups?
thank you, -- i'm looking for any pointers.
|
by: CodeRazor |
last post by:
I am trying to retrieve a list of all the groups from Active Directory, so
e.g. (Team Leaders, Accounts, Development etc). ( I am going on the
assumption that email groups are the same as active directory groups...is
this right?.). If not, how do i get the kinds of groups i describe?
I'm working on an Human Resources app that needs to...
| | |
by: Andrew |
last post by:
Hey all,
Working on revamping our Intranet here and making use of the LDPA, Active
Directory, Directory Services, etc. that .Net provides. I am still fairly
new on this subject, so the problem I have run into I am not sure how to
fix, and really not sure what is causing it.
Here's what is going on (test server - Windows 2003 Server):
I...
|
by: h2so4 |
last post by:
I want to write a program that will query an ldap directory. can I use adsi
or ado to do that, If yes how ?
tx
--
h2so4
|
by: Jay |
last post by:
Hi,
This is Jay Mehta. I have this problem when using LDAP. I extract names
and EmailId's of all those present from LDAP and populate in a
datagrid.
Now when run locally, it is running properly. But when put on Web
Server and try to access it from client machines, it is giving the
Error as "An Operation Error Occured".
|
by: shashank kadge |
last post by:
hello experts,
I want to get attribute type (whether single value or multivalue) from
AD forest/domain.
Does any1 know how to get that.
Or at least how to get AD schema using C#.
Any help/links wud be appreciated.
thanks,
shashank kadge
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it. ...
| | |
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| | |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating...
| |
