Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > Setting "User Cannot Change Password" Flag from ASP.NET/C#

Reply
Thread Tools

Setting "User Cannot Change Password" Flag from ASP.NET/C#

 
 
John Beard
Guest
Posts: n/a
 
      06-15-2004
I downloaded the attached code from MS. It flips on the "User Cannot Change
Password" on a user in AD and works great from a console or
windows app, but when put into an ASP.NET app I get a "The security ID
structure is invalid." error when trying to assign the new security
descriptor. I am running in Windows Authentication mode with IIS set to
Integrated security on an XP box.

Does anyone have a work around for this?

Thanks in advance.
John

(http://msdn.microsoft.com/library/de...-us/sds/sds/ma
naging_user_passwords.asp)
using System;
using System.DirectoryServices;

public class securitydescriptorclass
{
public const string PASSWORD_GUID =
"{ab721a53-1e2f-11d0-9819-00aa0040529b}";
public const int ADS_UF_ACCOUNTDISABLE=2;
public const int ADS_UF_PASSWORD_EXPIRED=0x800000;
public const int
ADS_UF_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION=0x10 00000;

public static void Main(string[] args)
{
DirectoryEntry ent = new DirectoryEntry();
DirectoryEntry ou = ent.Children.Find("OU=Consulting");
DirectoryEntry usr = ou.Children.Add("CN=Alice Sullivan","user");

string[] trustees = new string[]{@"NT AUTHORITY\SELF","EVERYONE"};

ActiveDs.IADsSecurityDescriptor sd =

(ActiveDs.IADsSecurityDescriptor)usr.Properties["ntSecurityDescriptor"].Valu
e;
ActiveDs.IADsAccessControlList acl =
(ActiveDs.IADsAccessControlList)
sd.DiscretionaryAcl;
ActiveDs.IADsAccessControlEntry ace = new
ActiveDs.AccessControlEntry();
foreach(string trustee in trustees)
{
ace.Trustee = trustee;
ace.AceFlags = 0;
ace.AceType = (int)
ActiveDs.ADS_ACETYPE_ENUM.ADS_ACETYPE_ACCESS_DENIE D_OBJECT;
ace.Flags =
(int)ActiveDs.ADS_FLAGTYPE_ENUM.ADS_FLAG_OBJECT_TY PE_PRESENT;
ace.ObjectType = PASSWORD_GUID;
ace.AccessMask =
(int)ActiveDs.ADS_RIGHTS_ENUM.ADS_RIGHT_DS_CONTROL _ACCESS;
acl.AddAce(ace);
}
sd.DiscretionaryAcl = acl;
usr.Properties["ntSecurityDescriptor"].Value = sd;
usr.CommitChanges();
}
}


 
Reply With Quote
 
 
 
 
thaya thaya is offline
Junior Member
Join Date: Sep 2006
Posts: 1
 
      09-06-2006
I have the same probleam...do you have any idea how to fix it? It would be really help ful if you give me some hints

thanks

thaya
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Follow Up Flag & Due Date Setting for Outlook MSG Files in Java Apps sherazam Java 0 09-14-2012 07:37 AM
How keep python socket alive for ever by setting Keep alive flag. hisan Python 1 06-25-2012 05:30 PM
Setting bit flag enum value in aspx file ? Moe Sisko ASP .Net 1 01-02-2008 10:00 PM
Setting low level flag for Serial Port in Java Homer Java 1 07-16-2007 10:30 PM
Setting Dirty Flag without fsutil.exe from my code,... Kerem Gümrükcü Windows 64bit 12 04-06-2007 11:48 AM



Advertisments