ChangePassword on a user object does not lock account if not successful

StackOverflow https://stackoverflow.com/questions/738587

  •  09-09-2019
  •  | 
  •  

Question

I have an ASP.Net application (on Win2K) that is using Windows authentication and impersonation. We are using the following code to change password:

Dim objDE As DirectoryEntry
'... 
objDE.Invoke("ChangePassword", txtOldPassword, txtNewPassword)

This code works great, except it does not lock the account if there were multiple unsuccessful attempts. Is there any way to make this code to lock the account if incorrect passwords was provided multiple times (as specified in a policy). I can't elevating user privileges, because this potentially makes the system less secure.

Was it helpful?

Solution

I am not sure if a general user would have the permissions to directly lock their own account. However, one method to do such would be:

objDE.InvokeSet("IsAccountLocked", true)

For a great resource on .NET on Active Directory please see this article.

My appologies for the above link being in C#, if you need a good converter try this one.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top