Cannot set password when creating a new Active Directory user with C#

0

I'm getting stuck with creating an Active Directory user with C#.

This is the code I use to create a new user:

    public bool CreateUser(string userName, string password)
    {
        try
        {
            DirectoryEntry entry = new DirectoryEntry(lDAPConnectionString, aDConnectionUserName, aDConnectionPassword, AuthenticationTypes.Secure);

            // Use the Add method to add a user to an organizational unit.
            DirectoryEntry user = entry.Children.Add("CN=" + userName, "user");
            // Set the samAccountName, then commit changes to the directory.
            user.Properties["samAccountName"].Value = userName;
            user.Properties["userPrincipalName"].Value = userName + Constants.ADProperties.ADUPNLogonSuffix;

            user.CommitChanges();

            // Set password never expire
            int NON_EXPIRE_FLAG = 0x10000;
            int val = (int)user.Properties["userAccountControl"].Value;
            user.Properties["userAccountControl"].Value = val | NON_EXPIRE_FLAG;
            user.CommitChanges();

            // Enable User
            val = (int)user.Properties["userAccountControl"].Value;
            user.Properties["userAccountControl"].Value = val & ~(int)Constants.ADS_USER_FLAG_ENUM.ADS_UF_ACCOUNTDISABLE;
            user.CommitChanges();
            user.RefreshCache();

            // Set password
            user.UsePropertyCache = true;
            user.Invoke("SetOption", new object[] { Constants.ADS_USER_FLAG_ENUM.ADS_OPTION_PASSWORD_PORTNUMBER, Constants.ADProperties.ADPort });
            user.Invoke("SetOption", new object[] { Constants.ADS_USER_FLAG_ENUM.ADS_OPTION_PASSWORD_METHOD, Constants.ADS_USER_FLAG_ENUM.ADS_PASSWORD_ENCODE_CLEAR });
            user.Properties["LockOutTime"].Value = 0;
            user.Invoke("SetPassword", new object[] { password });

            user.CommitChanges();

            return true;
        }
        catch (Exception)
        {
        }

        return false;
    }

And when I use it, it throws an exception: "The server is unwilling to process the request. (Exception from HRESULT: 0x80072035)" at the line: "user.Invoke("SetPassword", new object[] { password });"

I tried many ways but I cannot solve this problem. Any help would be appreciated. Thanks

c#
active-directory
asked on Stack Overflow Jun 20, 2014 by trung truong

1 Answer

1

Error 0x80072035 usually returns due to a password policy. This can be length, special characters, password history (password was used before). It would help to handle those errors to provide feedback to the user. A guide to handle these errors can be found here:

http://www.ozkary.com/2015/03/active-directory-setpassword-or.html

answered on Stack Overflow Mar 7, 2015 by ozkary
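
One way to report why SetPassword failed instead of discarding the exception in an empty catch, as the answer suggests. This is an added example, not code from the question, the answer or the linked guide. The names AdPasswordHelper, TrySetPassword and Describe and the message texts are assumptions; the constants are the standard HRESULT forms of ERROR_DS_UNWILLING_TO_PERFORM, ERROR_PASSWORD_RESTRICTION and access denied.

```csharp
using System;
using System.DirectoryServices;
using System.Reflection;
using System.Runtime.InteropServices;

// Hypothetical helper (added example): maps SetPassword failures to feedback.
public static class AdPasswordHelper
{
    // HRESULT_FROM_WIN32 values that SetPassword can surface.
    private const int UnwillingToPerform  = unchecked((int)0x80072035); // ERROR_DS_UNWILLING_TO_PERFORM (8245)
    private const int PasswordRestriction = unchecked((int)0x800708C5); // ERROR_PASSWORD_RESTRICTION (2245)
    private const int AccessDenied        = unchecked((int)0x80070005); // E_ACCESSDENIED

    // Returns null on success, otherwise a message safe to show or log.
    // The password itself is never placed in the message.
    public static string TrySetPassword(DirectoryEntry user, string password)
    {
        try
        {
            user.Invoke("SetPassword", new object[] { password });
            return null;
        }
        catch (TargetInvocationException ex)
        {
            // DirectoryEntry.Invoke wraps the ADSI failure; the HRESULT
            // is carried by the inner COMException.
            var com = ex.InnerException as COMException;
            if (com == null) throw;   // not an ADSI error: let it propagate
            return Describe(com.ErrorCode);
        }
    }

    public static string Describe(int hresult)
    {
        switch (hresult)
        {
            case UnwillingToPerform:
                return "Server unwilling to process the request (0x80072035): "
                     + "usually a password policy (length, special characters, history).";
            case PasswordRestriction:
                return "Password does not meet the domain password policy (0x800708C5).";
            case AccessDenied:
                return "The connecting account may not set this user's password (0x80070005).";
            default:
                return string.Format("SetPassword failed with HRESULT 0x{0:X8}.", hresult);
        }
    }
}
```

In the question's CreateUser, the call at the failing line would become `string error = AdPasswordHelper.TrySetPassword(user, password);`, with the method returning false and reporting `error` when it is not null.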

User contributions licensed under CC BY-SA 3.0