getting System.Reflection.TargetInvocationException while trying to change the AD password of an user from web apps using C#

Question

0.00/5 (No votes)

See more:

Hi,

I'm having this problem and I'm not able to solve this for a while now. The scenario is like any user of my web apps can change their application password and the corresponding Server AD ID password from the application itself. I'm using .NET 3.5 framework and was came to know that by using the namespace called
System.DirectoryServices.AccountManagement we can do any AD ID manupulation by writing C# code. I've used the below code to change the AD password of the user.

#region SetUserDomainPassword for setting the new password as domain password
private bool SetUserDomainPassword(string strUserId, string strNewPassword)
{
bool blnflag = false;
try
{
UserPrincipal oUserPrincipal = GetUser(strUserId);
oUserPrincipal.SetPassword(strNewPassword);blnflag = true;
return blnflag;
}
 
catch (Exception ex)
{ 
ExceptionPolicy.HandleException(ex, "EPolicy");
return blnflag;
}
}
#endregion
#region GetUser for getting the user info
public UserPrincipal GetUser(string sUserName)
{
PrincipalContext oPrincipalContext = GetPrincipalContext();
UserPrincipal oUserPrincipal =
UserPrincipal.FindByIdentity(oPrincipalContext, sUserName);
return oUserPrincipal;
}
#endregion
#region GetPrincipalContext for getting the principalCOntext
public PrincipalContext GetPrincipalContext()
{
PrincipalContext oPrincipalContext = new PrincipalContext(ContextType.Domain);
return oPrincipalContext;
}
#endregion

Here, I'm calling the "SetUserDomainPassword" method with the AD user ID and the new password sent as the parameters. The problem I'm facing is when ever it is executing the underlined code above it is throwing an exception which is exactly like below.

Timestamp: 11/2/2010 7:45:29 AM
Message: HandlingInstanceID: 7eb8e4c2-51e4-4488-b8dc-84e9a9aba48c
An exception of type 'System.Reflection.TargetInvocationException' occurred and was caught.

-------------------------------------------------------------------------------------------
11/02/2010 03:45:29
Type : System.Reflection.TargetInvocationException, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
Message : Exception has been thrown by the target of an invocation.
Source : System.DirectoryServices
Help link : 
Data : System.Collections.ListDictionaryInternal
TargetSite : System.Object Invoke(System.String, System.Object[])
Stack Trace :    at System.DirectoryServices.DirectoryEntry.Invoke(String methodName, Object[] args)
   at System.DirectoryServices.AccountManagement.SDSUtils.SetPassword(DirectoryEntry de, String newPassword)
   at System.DirectoryServices.AccountManagement.ADStoreCtx.SetPassword(AuthenticablePrincipal p, String newPassword)
   at System.DirectoryServices.AccountManagement.PasswordInfo.SetPassword(String newPassword)
   at System.DirectoryServices.AccountManagement.AuthenticablePrincipal.SetPassword(String newPassword)
   at login.SetUserDomainPassword(String strUserId, String strNewPassword)
Additional Info:
MachineName : CHA-SVMAK01
TimeStamp : 11/2/2010 7:45:29 AM
FullName : Microsoft.Practices.EnterpriseLibrary.ExceptionHandling, Version=4.0.0.0, Culture=neutral, PublicKeyToken=null
AppDomainName : /LM/W3SVC/1/Root/Odms-1-129331554544329397
ThreadIdentity : 
WindowsIdentity : NT AUTHORITY\NETWORK SERVICE
 Inner Exception
 ---------------
 Type : System.UnauthorizedAccessException, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
 Message : Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))
 Source : 
 Help link : 
 Data : System.Collections.ListDictionaryInternal
 TargetSite : 
 Stack Trace : The stack trace is unavailable.
Category: General
Priority: 0
EventId: 100
Severity: Error
Title:Enterprise Library Exception Handling
Machine: CHA-SVMAK01
Application Domain: /LM/W3SVC/1/Root/Odms-1-129331554544329397
Process Id: 992
Process Name: c:\windows\system32\inetsrv\w3wp.exe
Win32 Thread Id: 5512
Thread Name: 
Extended Properties: 
----------------------------------------

I'm confused getting this exception, Can any one of you help me out of this issue. My IIS 6 in windows server 2003 has anonymous access enabled. It would be highly helpful if any one can help me resolving this issue. I've been trying for long but couldn't figure out yet. Thanks in advance.
Regards,
Subhadeep

Posted 2-Nov-10 2:22am

Bodan_

Updated 2-Nov-10 3:01am

HimanshuJoshi

v2

Add a Solution

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Dave Kreskowiak · Answer 1 · 2010-11-02T04:14:00

Keep looking down the stack trace. Your getting an "ACCESS DENIED" message.

Your code runs as the ASP.NET account on the server, not as the user that is accessing the site.

The ASP.NET account doesn't have any permissions to change passwords in AD. You can give that account permissions, but I highly recommend you consider ALL of the security risks in doing so and make sure your code is rock solid and your web server securty is configured correctly and has all the latest security updates.