Change Windows password in a web application

Question

I have a web site using https and basic authentication. User is automatically authenticated against Windows. The web site is hosted on a workgroup computer (not member of a domain). I'm working with .NET Framework 4 and C#

I try to change the password of the user from a web page (after the user is authenticated) without success. I tried several things using DirectoryService like :

    using (DirectoryEntry directoryEntry = new DirectoryEntry(string.Format(@"WinNT://localhost/{0}, user", userName), domainAndUser, userPassword))
    {
        directoryEntry.Invoke("ChangePassword", new object[] { oldPassword, newPassword });
        directoryEntry.CommitChanges();
    }

I receive an access denied error. I guess I need to be admin to do this.

Is what I try to do possible and how to achieve that ?

Thanks in advance for your answers !

Christian

Answer 1

You have to run that code impersonated as administrator on your workgroup computer, have a look at ASP.NET Impersonation and ASP.NET Runtime Impersonation