C# code cannot change AD password. (System.Runtime.InteropServices.COMException)

0

I'm trying to create a simple website to change my AD password. The website will be hosted internally in my IIS.

Here is what my UI looks like: Here

After clicking the submit button, I receive this error (which I displayed using an asp.net label): this image

System.Runtime.InteropServices.COMException (0x8007203A): The server is not operational.
at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
at System.DirectoryServices.DirectoryEntry.Bind()
at System.DirectoryServices.DirectoryEntry.get_AdsObject()
at System.DirectoryServices.DirectorySearcher.FindAll(Boolean findMoreThanOne)
at System.DirectoryServices.DirectorySearcher.FindOne()
at changep1.changep.ChangeMyPassword(String domainName, String userName, String currentPassword, String newPassword) 

Here is my code:

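using System;
using System.DirectoryServices;

// Submit button handler: reads the form fields and shows the result in the label.
protected void btncp_Click(object sender, EventArgs e)
{
    string result = "";
    string username = txtuser.Text;
    string oldpass = txtoldpass.Text;
    string newpass2 = txtpassnew2.Text;
    string dn = "Sales-comm";

    result = ChangeMyPassword(dn, username, oldpass, newpass2);
    lblresult.Text = result;
}


public string ChangeMyPassword(string domainName, string userName, string currentPassword, string newPassword)
{
    string resultinner = "";

    try
    {
        string ldapPath = "LDAP://commonspace.Sales-comm.local/CN=admin,CN=Accounts and Services,DC=Sales-comm,DC=local";
        // Bind with the user's own credentials (DOMAIN\user and the current password).
        DirectoryEntry directionEntry = new DirectoryEntry(ldapPath, domainName + "\\" + userName, currentPassword);
        if (directionEntry != null)
        {
            // Escape LDAP filter metacharacters (RFC 4515) so the typed user name
            // cannot change the structure of the search filter.
            string safeUser = userName.Replace("\\", "\\5c").Replace("*", "\\2a")
                .Replace("(", "\\28").Replace(")", "\\29").Replace("\0", "\\00");

            DirectorySearcher search = new DirectorySearcher(directionEntry);
            search.Filter = "(SAMAccountName=" + safeUser + ")";
            // FindOne() triggers the actual bind; this is where the COMException is thrown.
            SearchResult result = search.FindOne();
            if (result != null)
            {
                DirectoryEntry userEntry = result.GetDirectoryEntry();
                if (userEntry != null)
                {
                    userEntry.Invoke("ChangePassword", new object[] { currentPassword, newPassword });
                    userEntry.CommitChanges();
                }
            }
        }
    }
    catch (Exception ex)
    {
        // The full exception text is returned and displayed in the label.
        resultinner = ex.ToString();
    }

    return resultinner;
}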

I checked some Stack Overflow questions similar to mine, and changed the LDAP path accordingly, but I still can't solve this issue. Does anyone know what's wrong?

c#
asp.net
active-directory
ldap
asked on Stack Overflow Feb 5, 2018 by Elenn • edited Feb 5, 2018 by Elenn

1 Answer

0

That means it can't contact the domain controller. So you'll have to do some diagnostics.

Do a DNS lookup and make sure you have results:

nslookup commonspace.Sales-comm.local

Try to connect to the various LDAP ports. I use the telnet client for this:

telnet commonspace.Sales-comm.local 389

These are the ports you can use:

LDAP: 389
Global Catalog: 3268
LDAP over SSL: 646
Global Catalog over SSL: 3269

If you find that 3268 is open, then you can bind using GC://:

string ldapPath = "GC://commonspace.Sales-comm.local/CN=admin,CN=Accounts and Services,DC=Sales-comm,DC=local";

If one of the SSL ports is open, then you need to use LDAP:// but include the port number:

string ldapPath = "LDAP://commonspace.Sales-comm.local:646/CN=admin,CN=Accounts and Services,DC=Sales-comm,DC=local";

If you go SSL, then you may have to make sure that the root certificate that is used is trusted on the computer you are connecting from.

answered on Stack Overflow Feb 12, 2018 by Gabriel Luci
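
The diagnostics from the answer above (a DNS lookup, then a connection attempt to each directory port) combined into one C# console program that can be run from the IIS server. This is an added example, not code from the question or the answer; the class name `DcReachability`, the 3-second timeout and the exit codes are choices made here, and it probes 636, the registered LDAP over SSL port, alongside 389, 3268 and 3269.

```csharp
using System;
using System.Net;
using System.Net.Sockets;

static class DcReachability
{
    // Port, service name, and the ADsPath prefix to bind with if that port answers.
    static readonly (int Port, string Name, string Prefix)[] Ports =
    {
        (389,  "LDAP",                    "LDAP://{0}/"),
        (3268, "Global Catalog",          "GC://{0}/"),
        (636,  "LDAP over SSL",           "LDAP://{0}:636/"),
        (3269, "Global Catalog over SSL", "LDAP://{0}:3269/"),
    };

    // TCP connect with a bounded timeout; refused, unreachable and timed out all count as closed.
    static bool IsOpen(IPAddress addr, int port, int timeoutMs)
    {
        using (var client = new TcpClient(addr.AddressFamily))
        {
            try { return client.ConnectAsync(addr, port).Wait(timeoutMs) && client.Connected; }
            catch (AggregateException) { return false; }
        }
    }

    static int Main(string[] args)
    {
        // Host name from the question; pass another one as the first argument.
        string host = args.Length > 0 ? args[0] : "commonspace.Sales-comm.local";
        IPAddress[] addrs;
        try { addrs = Dns.GetHostAddresses(host); }
        catch (SocketException ex)
        {
            // Equivalent of nslookup returning no results: fix name resolution first.
            Console.WriteLine($"DNS lookup failed for {host}: {ex.SocketErrorCode}");
            return 1;
        }
        Console.WriteLine($"{host} resolves to {string.Join(", ", (object[])addrs)}");

        bool anyOpen = false;
        foreach (var p in Ports)
        {
            // Try every resolved address, since a name can map to several domain controllers.
            bool open = Array.Exists(addrs, a => IsOpen(a, p.Port, 3000));
            anyOpen |= open;
            Console.WriteLine($"{p.Port,5} {p.Name,-24} {(open ? "open   -> " + string.Format(p.Prefix, host) : "closed")}");
        }
        return anyOpen ? 0 : 2; // 2: name resolves but no directory port is reachable
    }
}
```

Run it under the same account and on the same machine as the application pool, because firewall rules and DNS settings can differ between the server and a developer workstation.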

User contributions licensed under CC BY-SA 3.0