How to Programmatically Change Active Directory Password

How to programmatically change Active Directory password

You can use the UserPrincipal class' SetPassword method, provided you have enough privileges, once you've found the correct UserPrincipal object. Use FindByIdentity to look up the principal object in question.

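using System;
using System.DirectoryServices.AccountManagement;

using (var context = new PrincipalContext( ContextType.Domain ))
{
    using (var user = UserPrincipal.FindByIdentity( context, IdentityType.SamAccountName, userName ))
    {
        // FindByIdentity returns null when no matching account exists.
        if (user == null)
            throw new InvalidOperationException( "User not found: " + userName );

        // Administrative reset: the caller needs reset-password rights on the account.
        user.SetPassword( "newpassword" );
        // or
        // Self-service change: the caller must supply the current password.
        user.ChangePassword( "oldPassword", "newpassword" );

        user.Save();
    }
}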

Change an Active Directory password

As Paolo notes, you can't call Reset Password without extra privileges. To call ChangePassword, you need to supply the previous password like this:

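// ChangePassword is the ADSI method; it needs the current password.
directoryEntry.Invoke("ChangePassword", oldPassword, newPassword);
// DirectoryEntry exposes CommitChanges(), not Commit().
directoryEntry.CommitChanges();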

c# Change AD password Directoryservices

The two Windows updates 3177108 and 3167679 have changed the behavior of ChangePassword.

There is a thread here about the issue: https://social.msdn.microsoft.com/Forums/vstudio/en-US/77dc733e-a13d-4349-9088-8065b85d5c3f/userprincipalchangepassword-stops-working-after-windows-updates-3177108-and-3167679?forum=netfxbcl

It seems that you now have to specify a valid UPN when creating the PrincipalContext.

Before you could use an IP as endpoint when creating the context, now it seems it has to be a correct domain name as well.

Furthermore, you now always receive the same exception when an error occurs - we used to receive the password policy exception for users choosing insufficient passwords, now we get:

System.DirectoryServices.AccountManagement.PrincipalOperationException:
The system cannot contact a domain controller to service the
authentication request. Please try again later. (Exception from
HRESULT: 0x800704F1)

UPDATE 04-10-2016:
The exception displayed above is really the general/generic error received for just about anything when calling ChangePassword after the updates.
If, for instance, some of the ports involved in the protocol are blocked by a firewall, you get this one as well (applicable if you call from a server/machine that is not domain joined).

Good resource for required ports: https://technet.microsoft.com/en-us/library/dd772723(v=ws.10).aspx
Note that the dynamic range is required as well.

If the user is not allowed to change password (domain policy, circumvent by setting MUST CHANGE AT NEXT LOGON FLAG) you also receive this exception.

Change Password Windows AD C#

SetPassword requires the user your code is running as to be an admin in Active Directory. Since you already have the old password available, try replacing this line:

up.SetPassword(txtNewChangedPassword.Text);

With this:

up.ChangePassword(password, txtNewChangedPassword.Text);
up.Save();

How can I programmatically change my windows domain password?

Use the DirectoryEntry class to get and update the Active Directory entry for the user.

http://linuxonly.nl/docs/21/43_Circumvent_password_expiry_in_Windows.html

Changing Active Directory user passwords in c#/asp.net after MS patch KB3167679

I have encountered a similar issue. Try changing ContextOptions.SimpleBind to ContextOptions.Negotiate
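
An added example, not code from any of the answers above, that combines the post-update advice: the context is created with a DNS domain name and ContextOptions.Negotiate, and HRESULT 0x800704F1 is reported as an ambiguous failure instead of a policy error. The class, enum and method names and the domain name in the comment are hypothetical, and binding with the user's own current credentials is an assumption.

```csharp
using System;
using System.DirectoryServices.AccountManagement;

public enum ChangeResult { Changed, UserNotFound, PasswordRejected, GenericFailure }

public static class AdPasswordChanger  // hypothetical helper, not a framework type
{
    // Generic HRESULT quoted on this page; after the updates it covers many causes.
    private const int CannotContactDc = unchecked((int)0x800704F1);

    // domainName: a DNS domain name (assumed example: "corp.example.com"), not an IP.
    public static ChangeResult ChangeOwnPassword(
        string domainName, string samAccountName, string oldPassword, string newPassword)
    {
        // Negotiate with signing and sealing instead of SimpleBind.
        var options = ContextOptions.Negotiate | ContextOptions.Signing | ContextOptions.Sealing;
        try
        {
            // Assumption: bind as the user with the current password, so no
            // privileged service account is involved in a self-service change.
            using (var context = new PrincipalContext(
                ContextType.Domain, domainName, null, options, samAccountName, oldPassword))
            using (var user = UserPrincipal.FindByIdentity(
                context, IdentityType.SamAccountName, samAccountName))
            {
                if (user == null) return ChangeResult.UserNotFound;
                // Applied directly to an already-persisted account.
                user.ChangePassword(oldPassword, newPassword);
                return ChangeResult.Changed;
            }
        }
        catch (PasswordException)
        {
            // The specific rejection (e.g. password policy), when it is still reported.
            return ChangeResult.PasswordRejected;
        }
        catch (PrincipalOperationException ex) when (ex.ErrorCode == CannotContactDc)
        {
            // Ambiguous: blocked ports, an IP used as endpoint, a user not allowed
            // to change the password, or a policy failure all end up here.
            // Log the account and HRESULT only, never either password.
            Console.Error.WriteLine("ChangePassword failed for {0}: HRESULT 0x{1:X8}",
                samAccountName, ex.ErrorCode);
            return ChangeResult.GenericFailure;
        }
    }
}
```

Other PrincipalOperationException codes are left to propagate so that they are not mistaken for the generic case.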


