Jump to content
Please Use CODE Tags

Creating user in active directory using ASP.NET with password never expiring option enabled

Shammikit
 Share
Posted

hello, im using the following code to create a user account and this creates accounts with "user must change password at next logon" option checked. i dont want it to do this, I want my passwords to be permanent. how can i achieve this programmatically  in ASP.NET. Thanks 

 try
    {
        string oGUID = string.Empty;
        string connectionPrefix = "LDAP://" + ldapPath;
        DirectoryEntry dirEntry = new DirectoryEntry(connectionPrefix);
        DirectoryEntry newUser = dirEntry.Children.Add
            ("CN=" + userName, "user");
        newUser.Properties["samAccountName"].Value = userName;
        newUser.CommitChanges();
        oGUID = newUser.Guid.ToString();

        newUser.Invoke("SetPassword", new object[] { userPassword });
        newUser.CommitChanges();
        dirEntry.Close();
        newUser.Close();
    }
    catch (System.DirectoryServices.DirectoryServicesCOMException E)
    {
        //DoSomethingwith --> E.Message.ToString();

    }

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
22 minutes ago, MikeSK said:

https://www.c-sharpcorner.com/article/active-directory-and-net/

 

Have you tried the linked code above?

yes i have tried adding that to my code like this but it didnt do anything. the tick on "change password at next logon" is still there. 

  try
    { 
        string connectionPrefix = "LDAP://" + ldapPath;
        DirectoryEntry dirEntry = new DirectoryEntry(connectionPrefix);
        DirectoryEntry newUser = dirEntry.Children.Add
            ("CN=" + userName, "user");
        newUser.Properties["samAccountName"].Value = userName;
        newUser.CommitChanges();

        int exp = (int) newUser.Properties["userAccountControl"].Value;
        newUser.Properties["userAccountControl"].Value = exp | 0x0001;
        newUser.CommitChanges();

        newUser.Invoke("SetPassword", new object[] { userPassword });
        newUser.CommitChanges();
        dirEntry.Close();
        newUser.Close();
    }
    catch (System.DirectoryServices.DirectoryServicesCOMException E)
    {
        //DoSomethingwith --> E.Message.ToString();

    }

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
Quote

DONT_EXPIRE_PASSWORD           0x10000

Quote

SCRIPT                         0x0001

https://stackoverflow.com/questions/384304/creating-local-user-account-c-sharp-and-net-2-0

 

Have you tried?:
0x10000

 

Note:  I have not tried the preceding code.  Both DONT_EXPIRE_PASSWORD and SCRIPT may be required.  These original source postings may have had their default settings set to DONT_EXPIRE_PASSWORD and they required only the SCRIPT?  Again, I have not validated this.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
10 minutes ago, MikeSK said:

https://stackoverflow.com/questions/384304/creating-local-user-account-c-sharp-and-net-2-0

 

Have you tried?:
0x10000

 

Note:  I have not tried the preceding code.  Both DONT_EXPIRE_PASSWORD and SCRIPT may be required.  These original source postings may have had their default settings set to DONT_EXPIRE_PASSWORD and they required only the SCRIPT?  Again, I have not validated this.

yes i tried that too but same result and whenever i move that command to the position as shown below, it doesnt even create an account: 

  try
    {          
        string connectionPrefix = "LDAP://" + ldapPath;
        DirectoryEntry dirEntry = new DirectoryEntry(connectionPrefix);
        DirectoryEntry newUser = dirEntry.Children.Add
            ("CN=" + userName, "user");
        newUser.Properties["samAccountName"].Value = userName;

        int val = (int)newUser.Properties["userAccountControl"].Value; 
        newUser.Properties["userAccountControl"].Value = val | 0x10000; 

        newUser.CommitChanges();
        oGUID = newUser.Guid.ToString();

        newUser.Invoke("SetPassword", new object[] { userPassword });
        newUser.CommitChanges();

        dirEntry.Close();
        newUser.Close();
    }
    catch (System.DirectoryServices.DirectoryServicesCOMException E)
    {
        //DoSomethingwith --> E.Message.ToString();    
    }

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
15 minutes ago, MikeSK said:

https://stackoverflow.com/questions/384304/creating-local-user-account-c-sharp-and-net-2-0

 

Have you tried?:
0x10000

 

Note:  I have not tried the preceding code.  Both DONT_EXPIRE_PASSWORD and SCRIPT may be required.  These original source postings may have had their default settings set to DONT_EXPIRE_PASSWORD and they required only the SCRIPT?  Again, I have not validated this.

by any chance do u know a setting that is within server 2012 for setting the password of any account to not expire as default when creating an account  

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

I would have to look up the info on Server 2012.

 

When I asked if you applied both, I was asking if you tried?

//UF_DONT_EXPIRE_PASSWD 0x10000
int exp = (int) de.Properties["userAccountControl"].Value;
de.Properties["userAccountControl"].Value = exp | 0x0001 | 0x10000 ;
de.CommitChanges();

Link to comment
Share on other sites
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Programming

×