Can`t change AD password from c# code, throw exceptions

Question

I have problem with c# script who change user AD password, when try change password, they throw exception

A constraint violation occurred. (Exception from HRESULT: 0x8007202F)

Code

DirectoryEntry entry = new DirectoryEntry("LDAP://domain.com", strLoginName, oldpassword.Text.ToString(), AuthenticationTypes.Secure);
DirectorySearcher search = new DirectorySearcher(entry);
search.Filter = "(SAMAccountName=" + strLoginName + ")";
search.SearchScope = SearchScope.Subtree;
search.CacheResults = false;

SearchResultCollection results = search.FindAll();
foreach (SearchResult result in results)
    entry = result.GetDirectoryEntry();

entry.Invoke("ChangePassword", new object[] { oldpassword.Text.ToString(), newpassword.Text.ToString() });
entry.CommitChanges();

Which could be a problem?

Sounds like the active directory has password complexity requirements that aren't met by the new password. — George Duckett, Mar 28 '12 at 11:21

score 3 · Accepted Answer · edited Jan 16 '18 at 15:17

3

Look here: https://stackoverflow.com/a/1066177/1027551

For your example it would look like this:

using (var context = new PrincipalContext(ContextType.Domain,"domain.com"))
using (var user = UserPrincipal.FindByIdentity( context, IdentityType.SamAccountName, 
                                                                 strLoginName )) 
{ 
  user.ChangePassword( oldPassword, newpassword ); 
}

I hope that helps.

edited Jan 16 '18 at 15:17

Liam

27,717
28
128
190

answered Mar 28 '12 at 22:20

Daro

1,990
2
16
22

By the way. I believe your problem is that your passing an array to a single value attribute. Also you are querying SamAccountName, but using FindAll instead of FindOne. If you have more than one user with the same SamAccountName, you have more trouble, than just the 0x8007202F exception... – Daro Mar 28 '12 at 22:51

Can`t change AD password from c# code, throw exceptions

1 Answers1