Check AD password if "user must change password next login"

O

Oleg Ogurok

Hi all,

I'm trying to find a way (using C#.NET or COM) to authenticate a user based
on his credentials in Active Directory. The problem is that when I manually
set "User Must Change Password at Next Logon", or when the password expires,
I can no longer bind to AD using this user. Is there a method that checks
the password in AD regardless of that flag?

What I'm trying to implement is a dialog box prompting a user to change the
password if the password has expired. How can I check the old password for
validity.

Thank you,
-Oleg.
 
J

Joe Kaplan \(MVP - ADSI\)

You can't do this with an LDAP bind. The only way that I know it is
possible is by using SSPI directly, but I'm not sure how this is actually
done.

It is possible to discover if the user has that flag set using a different
set of credentials, but that doesn't help you bind unless you change that
flag.

Joe K.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Update AD with VB.NET 1
User to query ad 0
Asp.Net Forms authentication using Active Directory 1
Security Settings for Password Policy and User properties 6
AD pasword policy and laptop 3
Password 1
laptop cached password and AD expired password 0
"user must change password at next logon" 5

Top