|
ms
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
"Logon failure" using Invoke("SetPassword"...and I don't know where to turn to next. I have code that is creating a user (works fine), then sets the account flags (works fine) and then sets the password (fails). Here is the pertinent information: Ex.InnerException.Message: Logon failure: unknown user name or bad password. Ex.Message: Exception has been thrown by the target of an invocation. Stack Trace: at System.RuntimeType.InvokeDispMethod(String name, BindingFlags invokeAttr, Object target, Object[] args, Boolean[] byrefModifiers, Int32 culture, String[] namedParameters)\r\n at System.RuntimeType.InvokeMember(String name, BindingFlags invokeAttr, Binder binder, Object target, Object[] args, ParameterModifier[] modifiers, CultureInfo culture, String[] namedParameters)\r\n at System.Type.InvokeMember(String name, BindingFlags invokeAttr, Binder binder, Object target, Object[] args)\r\n at System.DirectoryServices.DirectoryEntry.Invoke(String methodName, Object[] args)\r\n at Project.FormName.ChangeUserPassword(String szUsername) in c:\\inetpub\\wwwroot\\Project\\secure\\usercreation.aspx.cs:line 254" When I create the DirectoryEntry (code below): DirectoryEntry entry = new DirectoryEntry( "LDAP://dc.domain.local/CN=" + szUsername + ",OU=MyUsers,DC=domain,DC=local", szAdminAccount + "@domain.local", szAdminPwd, AuthenticationTypes.Secure | AuthenticationTypes.ServerBind); This is a WebApp that is running on Win2k3 Server IIS 6. I have logged on with the account and password supplied and that works fine and the account can change the password. Any thoughts would be appreciated.
Show quote
Hide quote
"Joe" <J**@discussions.microsoft.com> wrote in message As I told you in your previous posting:news:D4E10280-11A3-43AA-83FB-5DCC4BBB883D@microsoft.com... >I know that I have posted this question before, but it is still unresolved > and I don't know where to turn to next. > > I have code that is creating a user (works fine), then sets the account > flags (works fine) and then sets the password (fails). > > Here is the pertinent information: > Ex.InnerException.Message: Logon failure: unknown user name or bad password. > Ex.Message: Exception has been thrown by the target of an invocation. > > Stack Trace: > at System.RuntimeType.InvokeDispMethod(String name, BindingFlags > invokeAttr, Object target, > Object[] args, Boolean[] byrefModifiers, Int32 culture, String[] > namedParameters)\r\n > > at System.RuntimeType.InvokeMember(String name, BindingFlags invokeAttr, > Binder binder, Object target, > Object[] args, ParameterModifier[] modifiers, CultureInfo culture, String[] > namedParameters)\r\n > > at System.Type.InvokeMember(String name, BindingFlags invokeAttr, Binder > binder, Object target, > Object[] args)\r\n at > System.DirectoryServices.DirectoryEntry.Invoke(String methodName, Object[] > args)\r\n > > at Project.FormName.ChangeUserPassword(String szUsername) in > c:\\inetpub\\wwwroot\\Project\\secure\\usercreation.aspx.cs:line 254" > > When I create the DirectoryEntry (code below): > DirectoryEntry entry = new DirectoryEntry( > "LDAP://dc.domain.local/CN=" + szUsername + ",OU=MyUsers,DC=domain,DC=local", > szAdminAccount + "@domain.local", > szAdminPwd, > AuthenticationTypes.Secure | AuthenticationTypes.ServerBind); > > This is a WebApp that is running on Win2k3 Server IIS 6. > > I have logged on with the account and password supplied and that works > fine and the account can change the password. > > Any thoughts would be appreciated. - you are running this code on a NON domain member, and - the account running this code is not a domain account (obviously) That means that you can't use "SetPassword" to reset an accounts password, this is because Windows cannot create a secure (encrypted) channel between the two machines (IIS server and AD server) to establish the "SetPassword" protocol The are a number of solutions for this problem. You could add the IIS server machine to the login domain, if this isn't possible, you have to use SSL as transport between both machines. Please search MSDN for a description on how to configure AD for SSL access and how to export the certificates to the clients. Willy. Willy,
As I said, that information is incorrect. It is running on a domain member. It turns out that the problem was caused by a DNS problem. I did not change my code, found and fixed the DNS issue and now the code works perfectly. Thank you for your help. Show quoteHide quote > "Joe" <J**@discussions.microsoft.com> wrote in message > news:D4E10280-11A3-43AA-83FB-5DCC4BBB883D@microsoft.com... > >I know that I have posted this question before, but it is still unresolved > > and I don't know where to turn to next. > > > > I have code that is creating a user (works fine), then sets the account > > flags (works fine) and then sets the password (fails). > > > > Here is the pertinent information: > > Ex.InnerException.Message: Logon failure: unknown user name or bad password. > > Ex.Message: Exception has been thrown by the target of an invocation. > > > > Stack Trace: > > at System.RuntimeType.InvokeDispMethod(String name, BindingFlags > > invokeAttr, Object target, > > Object[] args, Boolean[] byrefModifiers, Int32 culture, String[] > > namedParameters)\r\n > > > > at System.RuntimeType.InvokeMember(String name, BindingFlags invokeAttr, > > Binder binder, Object target, > > Object[] args, ParameterModifier[] modifiers, CultureInfo culture, String[] > > namedParameters)\r\n > > > > at System.Type.InvokeMember(String name, BindingFlags invokeAttr, Binder > > binder, Object target, > > Object[] args)\r\n at > > System.DirectoryServices.DirectoryEntry.Invoke(String methodName, Object[] > > args)\r\n > > > > at Project.FormName.ChangeUserPassword(String szUsername) in > > c:\\inetpub\\wwwroot\\Project\\secure\\usercreation.aspx.cs:line 254" > > > > When I create the DirectoryEntry (code below): > > DirectoryEntry entry = new DirectoryEntry( > > "LDAP://dc.domain.local/CN=" + szUsername + ",OU=MyUsers,DC=domain,DC=local", > > szAdminAccount + "@domain.local", > > szAdminPwd, > > AuthenticationTypes.Secure | AuthenticationTypes.ServerBind); > > > > This is a WebApp that is running on Win2k3 Server IIS 6. > > > > I have logged on with the account and password supplied and that works > > fine and the account can change the password. > > > > Any thoughts would be appreciated. > > > > As I told you in your previous posting: > - you are running this code on a NON domain member, and > - the account running this code is not a domain account (obviously) > That means that you can't use "SetPassword" to reset an accounts password, this is because > Windows cannot create a secure (encrypted) channel between the two machines (IIS server and > AD server) to establish the "SetPassword" protocol > > The are a number of solutions for this problem. > You could add the IIS server machine to the login domain, if this isn't possible, you have > to use SSL as transport between both machines. > Please search MSDN for a description on how to configure AD for SSL access and how to export > the certificates to the clients. > > Willy. > > > > > "Joe" <J**@discussions.microsoft.com> wrote in message This is confusing, and is the result of multi-posting, in one of your previous threads you news:A4679BBA-709D-408B-9C4B-32337279EC7A@microsoft.com... > Willy, > > As I said, that information is incorrect. It is running on a domain member. > It turns out that the problem was caused by a DNS problem. I did not > change my code, found and fixed the DNS issue and now the code works > perfectly. > first said that it was *not* running on a domain member, in that same thread you suddenly switched to a domain member and now you started a new thread, but failed to give some context. You don't suppose I know exactly on what machines you are running your code do you? Context is extremely important, as you might have found out yourself by now, when having issues like this. Willy.  
Other interesting topics
How can i have multiple base classes.
dynamic length arrays Marshaling variable length arrays Overriding the add method of a generic dictionary Interlocked on a string? Xml Read Single Line at a time using C# How to add date in access database How do I read all the files in a folder sorted by Created Date Time (Using System.IO). Showing HTML page in a windows application Build date |
|||||||||||||||||||||||
