从C#.net在活动目录中使用临时密码登录时如何设置强制重置密码
[英]How to set force reset password when login with temporary password in active directory from c# .net
问题描述
I have the following code to reset the password for the user in active directory and the code is working fine. 
我有以下代码可以重置活动目录中用户的密码,并且该代码工作正常。 Somehow I would like to force the user to reset their password when they first login into the computer with the temporary password. 我想以某种方式强迫用户在首次使用临时密码登录计算机时重置其密码。 I tried to use both uEntry.Properties["pwdLastSet"].Value = 0; 我试图同时使用uEntry.Properties["pwdLastSet"].Value = 0; and uEntry.Properties["PasswordExpired"].Value = 1 , it's doesn't work. 和uEntry.Properties["PasswordExpired"].Value = 1 ,它不起作用。 Anyone know how can I make it happen? 有人知道我该如何实现吗?
DirectoryEntry uEntry = new DirectoryEntry(userDn, "abc", "abc123");
uEntry.Invoke("SetPassword", new object[] { password });
uEntry.Properties["pwdLastSet"].Value = 0;
uEntry.Close();
1 个解决方案
解决方案1
0 2015-01-22 14:51:04
Some points to note: 需要注意的几点:
- Call
uEntry.CommitChanges();调用uEntry.CommitChanges();to commit the change after setting pwdLastSet在设置pwdLastSet之后提交更改 The
userDninnew DirectoryEntry(userDn, "abc", "abc123");new DirectoryEntry(userDn, "abc", "abc123");的userDnnew DirectoryEntry(userDn, "abc", "abc123");should be an LDAP path instead of really a DN.应该是LDAP路径,而不是真正的DN。 For example: 例如: LDAP://example.com/CN=user,DC=example,DC=cominstead ofCN=user,DC=example,DC=comLDAP://example.com/CN=user,DC=example,DC=com而不是CN=user,DC=example,DC=com- Make sure the "password never expire" flag is not set for user 确保未为用户设置“密码永不过期”标志
To clear this, clear the DONT_EXPIRE_PASSWORD (0x10000) bit in userAccountControl attribute.若要清除此问题,请清除userAccountControl属性中的DONT_EXPIRE_PASSWORD(0x10000)位。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.