I have a webapp that uses Forms Authentication using ActiveDirectoryMembershipProvider. That works fine... users can log in successfully.

Once the user logs in, he can change the password. We use a ChangePassword control that retrieves the Membership information and uses the OLD and new password to change the user's password. THAT doesn't work.

The exception message thrown is that the password doesn't fit the password policies (not the message of the provider, but the one from the underlying COM object). But this is not the case, as going to the Active Directory console and changing the password there does work. When using the Active Directory console we used a quite simple password: "Password01".

The user in Active Directory is set to allow changing the password. All our users are stored in a certain OU and the connection string to AD points to this OU also. Again, the connection is successful as we can log in.

Is there anything else that can prevent us from changing the password?

Exception information

    System.Web.Security.MembershipPasswordException: The password supplied is invalid.
    Passwords must conform to the password strength requirements configured for the default provider.
    ---> System.Runtime.InteropServices.COMException (0x800708C5): The password does not meet the password policy requirements. Check the minimum password length, password complexity and password history requirements. (Exception from HRESULT: 0x800708C5)
       --- End of inner exception stack trace ---
       at System.Web.Security.ActiveDirectoryMembershipProvider.ChangePassword(String username, String oldPassword, String newPassword)
       at System.Web.Security.MembershipUser.ChangePassword(String oldPassword, String newPassword)
+1  A: 

When you configure the membership provider in the web.config there are several password related values that can be set, namely:

    MinRequiredNonAlphanumericCharacters
    MinRequiredPasswordLength
    PasswordStrengthRegularExpression

I would first make sure that all of these are set to values which will match up with ActiveDirectory.

Next, make sure that the connectionProtection attribute is set to SignAndSeal, you cannot change passwords otherwise:

    connectionProtection="SignAndSeal"

Besides those suggestions, I looked in Reflector and all the COM errors (except 0x7FF8FAD2) are being thrown straight up to the client. Error 0x800708C5 appears in MSDN in several places, but always with the text that password complexity is not sufficient.

jellomonkey
+1  A: 

Well, sorry for the inconvenience...

The problem was that the Active Directory Administrator had set it so that you have to wait a day before changing the password.

So, if we create a user... the USER must wait 1 day to change his password. The Administrator can reset a password without this restriction.

Thanks for your comments.

Romias
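The accepted answer shows that 0x800708C5 can also mean the domain's minimum password age has not elapsed, which the membership provider's own password settings cannot reveal. The following check, added here and not taken from the question or either answer, reads minPwdAge from the domain head and pwdLastSet from the user with System.DirectoryServices and computes when the user may change their own password; the class and method names, the LDAP domain path and the account name are placeholders (note that the path must be the domain root, not the OU used in the provider's connection string, because minPwdAge is stored on the domain object).

```csharp
using System;
using System.DirectoryServices;
using System.Text;

// Added example, not from the original question or answers. Paths and names are placeholders.
static class MinimumPasswordAgeCheck
{
    // Escapes a value for use inside an LDAP filter (RFC 4515) so a user-supplied
    // account name cannot change the meaning of the query.
    public static string EscapeLdapFilterValue(string value)
    {
        var sb = new StringBuilder(value.Length);
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\': sb.Append("\\5c"); break;
                case '*':  sb.Append("\\2a"); break;
                case '(':  sb.Append("\\28"); break;
                case ')':  sb.Append("\\29"); break;
                case '\0': sb.Append("\\00"); break;
                default:   sb.Append(c); break;
            }
        }
        return sb.ToString();
    }

    // Returns the UTC time from which the user may change their own password, or null when
    // no wait applies (no minimum age configured, or a forced change at next logon is pending).
    // domainPath is the domain root, e.g. "LDAP://DC=example,DC=com" (placeholder).
    public static DateTime? EarliestSelfServiceChange(string domainPath, string samAccountName)
    {
        using (var domain = new DirectoryEntry(domainPath))
        using (var domainSearch = new DirectorySearcher(domain, "(objectClass=domainDNS)", new[] { "minPwdAge" }, SearchScope.Base))
        {
            // minPwdAge is stored on the domain head as a negative count of 100-ns ticks.
            long minPwdAge = (long)domainSearch.FindOne().Properties["minPwdAge"][0];
            if (minPwdAge == 0) return null;

            string filter = "(&(objectCategory=person)(sAMAccountName=" + EscapeLdapFilterValue(samAccountName) + "))";
            using (var userSearch = new DirectorySearcher(domain, filter, new[] { "pwdLastSet" }, SearchScope.Subtree))
            {
                SearchResult user = userSearch.FindOne();
                if (user == null) throw new ArgumentException("account not found", "samAccountName");
                // pwdLastSet is a FILETIME; 0 means "must change password at next logon".
                long pwdLastSet = (long)user.Properties["pwdLastSet"][0];
                if (pwdLastSet == 0) return null;
                return DateTime.FromFileTimeUtc(pwdLastSet) + TimeSpan.FromTicks(-minPwdAge);
            }
        }
    }
}
```

Comparing the returned time with DateTime.UtcNow before calling ChangePassword lets the application tell the user to wait instead of surfacing the generic complexity error.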