System.Runtime.InteropServices.COMException: The specified network password is not correct. (Exception from HRESULT: 0x80070056)

Question

System.Runtime.InteropServices.COMException: The specified network password is not correct. (Exception from HRESULT: 0x80070056)

I'm getting the error below, every once in a while, when I try to change the users password....not everytime, or even every 10 times.... it's only happening so far in our live produciton environment.

the source is pretty straight forward, it's even in the stack trace

ActiveDirectoryMembershipProvider.ChangePassword(String username, String oldPassword, String newPassword)

Right before that I validate the username and the old password..

if ( !Membership.ValidateUser ( cpCv.LoginName, cpCv.OldPassword ) )
                {
                    sMsg = "Failed to validate, old password is probably incorrect.";
                    return sMsg;
                }

So that should be correct, and the conneciton to ad should be correct, but then why is the NEW password wrong?

What I can't figure out is WHICH password does it thinks is wrong part of the time.

The password to AD on the membership provider in the web.config? the users old passowrd? The new one?

Something else?

Does anyone know how to figure out which passowrd it's not happy with, or frankly any hints on this exception whatsoever?

It seems to me that's it's got to have something to do with an authentication or a session expiring, or it would be happeneiing 100% of the time (if the password were really wrong)

Thanks,

Cal-

System.Runtime.InteropServices.COMException: The specified network password is not correct. (Exception from HRESULT: 0x80070056)
Generated: Wed, 08 Feb 2012 22:54:18 GMT

System.Web.HttpException (0x80004005): Exception of type 'System.Web.HttpException' was thrown. ---> System.Web.HttpUnhandledException (0x80004005): Exception of type 'System.Web.HttpUnhandledException' was thrown. ---> System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.Runtime.InteropServices.COMException: The specified network password is not correct. (Exception from HRESULT: 0x80070056)
   --- End of inner exception stack trace ---
   at System.DirectoryServices.DirectoryEntry.Invoke(String methodName, Object[] args)
   at System.Web.Security.ActiveDirectoryMembershipProvider.ChangePassword(String username, String oldPassword, String newPassword)
   at Jcdc.AccessControl.ChangePassword.DoChangePassword(String sMsg) in d:\CC\StudentPortal3G\Source\StudentPortal3G\AccessControl\ChangePassword.aspx.cs:line 129
   at Jcdc.AccessControl.ChangePassword.Button1_Click(Object sender, EventArgs e) in d:\CC\StudentPortal3G\Source\StudentPortal3G\AccessControl\ChangePassword.aspx.cs:line 50
   at System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument)
   at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
   at System.Web.UI.Page.HandleError(Exception e)
   at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
   at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
   at System.Web.UI.Page.ProcessRequest()
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
   at System.Web.Util.AspCompatApplicationStep.EndAspCompatExecution(IAsyncResult ar)
   at ASP.accesscontrol_changepassword_aspx.EndProcessRequest(IAsyncResult ar) in c:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\root\44dfbb4a\ab9ba47b\App_Web_aky3zvas.1.cs:line 0
   at System.Web.HttpApplication.CallHandlerExecutionStep.OnAsyncHandlerCompletion(IAsyncResult ar)

Server Variables 
Name    Value
Page    https://live.jobcorps.org/AccessControl/ChangePassword.aspx

Time    2/8/2012 4:54:18 PM Central Standard Time
IP Address  10.111.50.131
MachineName     JCDC-S-SAW-001
JCDC User   Jackson.David
--------------------    ---------------------------------------------------------------------------------
Powered by ELMAH, version 1.0.10617.936 (debug; BETA3; net-3.5). Copyright (c) 2007, Atif Aziz. All rights reserved.

c#

asp.net

active-directory

asp.net-membership

membership-provider

asked on Stack Overflow Feb 8, 2012 by

Eric Brown - Cal • edited Feb 8, 2012 by

Eric Brown - Cal

2 Answers

Try looking in event viewer on the machine generating the error, specifically the security logs. You may find an error there that mentions which account the incorrect password was attempted for.

answered on Stack Overflow Feb 8, 2012 by

Jacob

As a first step, simply add temporary logging to accesscontrol/changepassword_aspx for the entered username/password. Associate those with what ELMAH is showing you.

This is likely the user's password (old one) that is failing, not anything from the web.config.

There is an interesting note here though: http://forums.asp.net/t/1299086.aspx/1


If you are using integrated, then how are you able to provide 
the CurrentPwd for the ChangePassword call? (The password is
 never available in cleartext)

If the user is already authenticated, then you don't have
 to use ChangePassword. Instead, you can use SetPassword 
to force the new password regardless of the old password: 
user.Invoke("SetPassword", new object[] {newPwd});

That may be one solution for you.

answered on Stack Overflow Feb 8, 2012 by

Adam Tuliper - MSFT

User contributions licensed under CC BY-SA 3.0