Access Denied when trying to change password from c#

Question

I wrote a tool that allows users to change their AD-password. This tool works without problems on my companies domain, but when running it on our customers machine with citrix I receive the following error message:

System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.UnauthorizedAccessException: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED)) --- End of inner exception stack trace --- at System.DirectoryServices.DirectoryEntry.Invoke(String methodName, Object[] args) at System.DirectoryServices.AccountManagement.SDSUtils.ChangePassword(DirectoryEntry de, String oldPassword, String newPassword) at System.DirectoryServices.AccountManagement.ADStoreCtx.ChangePassword(AuthenticablePrincipal p, String oldPassword, String newPassword) at CitrixPWChangeBackend.ActiveDirectory.ChangePasswordForCurrentUser(String oldPw, String newPw, Boolean& errorWrongPw, Boolean& errorPasswordRules, String& errorMessage)

The Line causing that Error is:

UserPrincipal.Current.ChangePassword(oldPw, newPw);

"oldPW" is correct, of course

Answer 1

The "magic" reason was a policy for that user causing the property "UserCannotChangePassword" to be true. No Citrix specific issue.