Ben Rinaca

I have an application that allows a user to create accounts in Active Directory and configure the connection based on whether or not they are running the application as a domain administrator. If they are running the application as a domain administrator, they don't have to enter a username/password to bind to the AD server. If not, they enter a username and password and I change AutenticationType to ServerBind.

When doing ServerBind I am able to connect, delete users, create users, set properties, etc but when I try to set a new user's password I get a COMException - "One or more input parameters are invalid". It is executing the same exact code as if I was running the app as a domain admin (except for AuthenticationType set to ServerBind for the DirectoryEntry and Username and Password are set as well). Running the app as a domain admin allows me to create users and set passwords without any problem.

Code Snippet

DirectoryEntry currentUser = ........

currentUser.Invoke("SetPassword", new Object[] { "password" });

I'm curious as to why the same code would produce exceptions when I set AuthenticationType to ServerBind. Any ideas

When I do bind and enter a username and password, I am entering the actual domain Administrator username and password, so it is not an access/privilege issue.



Re: .NET Framework Networking and Communication DirectoryEntry Invoke SetPassword throws COMException only on ServerBind

Ben Rinaca

Update - the explained code works fine in Windows Server 2008 over a ServerBind connection, but still continues to throw the COMException if run on Windows Server 2003. I have tried it on two different Windows Server 2003 machines with the same results.

Again, any ideas I really don't think its a problem with the code since it works in 2003 without ServerBind and works in 2008 regardless of ServerBind. Does anyone have any idea where else I might look





Re: .NET Framework Networking and Communication DirectoryEntry Invoke SetPassword throws COMException only on ServerBind

Ben Rinaca

AuthenticationType must be Secure in order to invoke SetPassword when not running the process as a domain administrator. The error message on this was very unclear and I'm still unable to find it documented anywhere. Anyway, setting the following worked fine:

Code Snippet
currentUser.AuthenticationType = AuthenticationTypes.Secure;