Active Directory - 调用目标已引发异常
我在 Active Directory 之外的单独服务器上有一个 Web 应用程序,并且我想更改用户密码。接下来是代码:
string newPassword = Membership.GeneratePassword(int.Parse(WebConfigurationManager.AppSettings["passLenght"]),
int.Parse(WebConfigurationManager.AppSettings["passNonAlpha"]));
DirectoryEntry de = new DirectoryEntry(WebConfigurationManager.ConnectionStrings["ADConnString"].ConnectionString,
WebConfigurationManager.AppSettings["ADAdmin"], WebConfigurationManager.AppSettings["ADAdminPass"]);
DirectorySearcher deSearch = new DirectorySearcher(de);
deSearch.Filter = "(&(objectClass=user) (userPrincipalName=" + name + "))";
SearchResultCollection results = deSearch.FindAll();
if (results.Count == 1)
{
foreach (SearchResult OneSearchResult in results)
{
DirectoryEntry AlterUser = OneSearchResult.GetDirectoryEntry();
AlterUser.AuthenticationType = AuthenticationTypes.Secure;
AlterUser.Invoke("SetPassword", newPassword);
AlterUser.CommitChanges();
AlterUser.Close();
}
}
当我在开发环境(其中 Active Directory 和 Web 应用程序位于同一服务器上)中运行此代码时,它正在运行。但是当我尝试在生产环境中运行它时,我遇到了下一个错误:
调用目标已引发异常
我缺少什么?
谢谢。
编辑:
我可以深入研究异常错误,我得到这个:
访问被拒绝。 (HRESULT 异常:0x80070005 (E_ACCESSDENIED))
I have a web application in a separate server than Active Directory and I want to change a user password. The code is the next:
string newPassword = Membership.GeneratePassword(int.Parse(WebConfigurationManager.AppSettings["passLenght"]),
int.Parse(WebConfigurationManager.AppSettings["passNonAlpha"]));
DirectoryEntry de = new DirectoryEntry(WebConfigurationManager.ConnectionStrings["ADConnString"].ConnectionString,
WebConfigurationManager.AppSettings["ADAdmin"], WebConfigurationManager.AppSettings["ADAdminPass"]);
DirectorySearcher deSearch = new DirectorySearcher(de);
deSearch.Filter = "(&(objectClass=user) (userPrincipalName=" + name + "))";
SearchResultCollection results = deSearch.FindAll();
if (results.Count == 1)
{
foreach (SearchResult OneSearchResult in results)
{
DirectoryEntry AlterUser = OneSearchResult.GetDirectoryEntry();
AlterUser.AuthenticationType = AuthenticationTypes.Secure;
AlterUser.Invoke("SetPassword", newPassword);
AlterUser.CommitChanges();
AlterUser.Close();
}
}
When I run this in my development environment (where Active Directory and the web application are on the same server) it is working. But when I try to run it in the production environment I am having the next error:
Exception has been thrown by the target of an invocation
What am I missing?
Thanks.
EDIT:
I could go deep in the exception error and I get this:
Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
权限是问题。运行 ASP.NET 代码的帐户没有设置帐户密码的权限。
或者:
SetPassword调用的权限它在您的开发环境中工作/在生产中失败的原因可能是由于以下原因的组合:
LogonUser)才能向 AD 进行身份验证。Permissions are the issue. The account under which your ASP.NET code is running doesn't have the permission to set the account password.
Either:
SetPasswordcallThe reason it is working in your dev environment/failing in production is likely due to a combination of:
LogonUser) in order to authenticate to AD.代码看起来是正确的。发生这种情况的原因可能是您通过 Active Directory 发送的密码不符合最低要求。尝试使用更复杂的密码,例如“M2k3ThisWork!”
The code looks correct. This could be happening because the password your sending though Active Directory does not meet the minimum requirements. Trying using a more complex password such as "M2k3ThisWork!"
如果你想更改 AD 的密码,那么你可以使用这个
If you want to change the password of AD then you use this