System.UnauthorizedAccessException 调用 UserPrincipal.SetPassword
当我运行此代码时
PrincipalContext ctx = new PrincipalContext(ContextType.Domain,
adHost,
adRoot,
ContextOptions.SimpleBind,
adUsername,
adPassword);
UserPrincipal user = UserPrincipal.FindByIdentity(ctx, IdentityType.SamAccountName, username);
user.SetPassword(password);
user.Save();
,出现此异常
System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.UnauthorizedAccessException: One or more input parameters are invalid
代码是使用“runas /user:”从命令行运行的 (domainadminuser也是本地管理员) 使用相同的凭据(domainadminuser)创建上下文 我已检查所有用户名、密码等是否已正确填充 这与我创建PrincipalContext 的方式有关吗?
我完全被困住了。有人有什么想法吗?
谢谢
[更新] 这是我用来让它工作的代码。我想也许 ValidateCredentials 是让它进入生活的东西(可能)
PrincipalContext ctx = new PrincipalContext(ContextType.Domain, parameters["adHost"] );
ctx.ValidateCredentials(parameters["adUsername"], parameters["adPassword"], ContextOptions.SimpleBind);
UserPrincipal user = UserPrincipal.FindByIdentity(ctx, IdentityType.SamAccountName, username);
user.SetPassword(password);
user.Save();
when I run this code
PrincipalContext ctx = new PrincipalContext(ContextType.Domain,
adHost,
adRoot,
ContextOptions.SimpleBind,
adUsername,
adPassword);
UserPrincipal user = UserPrincipal.FindByIdentity(ctx, IdentityType.SamAccountName, username);
user.SetPassword(password);
user.Save();
I get this exception
System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.UnauthorizedAccessException: One or more input parameters are invalid
The code is running from a command line using "runas /user:
(domainadminuser is also a local admin)
The context is created using the same credentials (domainadminuser)
I've checked that all usernames, passwords etc are populated correctly
Is it something to do with the way I am creating the PrincipalContext?
I'm completely stuck. Does anyone have any ideas?
Thanks
[UPDATE]
Here's the code I used to get it working. I think maybe the ValidateCredentials was the thing that kicked it into life (possibly)
PrincipalContext ctx = new PrincipalContext(ContextType.Domain, parameters["adHost"] );
ctx.ValidateCredentials(parameters["adUsername"], parameters["adPassword"], ContextOptions.SimpleBind);
UserPrincipal user = UserPrincipal.FindByIdentity(ctx, IdentityType.SamAccountName, username);
user.SetPassword(password);
user.Save();
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
下面是适用于我们内部开发的密码请求管理系统的代码,请尝试告诉我:
Below is the code that works fine for a password request management system we developed in-house, do try and let me know:
就 Active-Directory 而言,与标准 LDAP 协议相关的是,没有 SSL 的简单绑定不允许更改任何密码。显然,您使用的类可以使用非标准协议与服务器进行通信,但您的 SimpleBind 上下文选项可以切换到标准 LDAP。查看@CodeCanvas 代码。
As far as Active-Directory is concerned with the Standard LDAP protocol the simple bind without SSL not allow to change any password. Clearly here you are using classes that can communicate with your server using non standard protocol, but your SimpleBind context option can switch to standard LDAP. have a look to @CodeCanvas code.
创建上下文时,请确保将 ContextOptions 设置为 ContextOptions.Negotiate 。如果您提到了
ContextOptions.SimpleBind,SetPassword可能不起作用。When the Context is created, make sure to set the
ContextOptionstoContextOptions.Negotiate. If you have mentionedContextOptions.SimpleBind,SetPasswordmay not work.