我有这个代码来更改活动目录中用户的密码:
DirectoryEntry directoryEntry = new DirectoryEntry("LDAP://0.0.0.0/CN=John Smith,OU=12345,OU=Project,DC=mysite,DC=local");
directoryEntry.AuthenticationType = AuthenticationTypes.Secure;
directoryEntry.Username = "adminusername";
directoryEntry.Password = "adminpassword";
directoryEntry.Invoke("SetPassword", new object[] { "newPassword" });
directoryEntry.Properties["LockOutTime"].Value = 0; //unlock account
当我尝试将此代码直接执行到直接位于活动的服务器中时,这可以完美地工作,但是当我尝试使用位于另一个域中的机器执行它时,我收到此错误:
System.Reflection.TargetInvocationException: Exception has been thrown by the ta
rget of an invocation. ---> System.Runtime.InteropServices.COMException: The RPC
server is unavailable. (Exception from HRESULT: 0x800706BA)
这是我唯一的一个限制,因为使用相同的管理员用户和其他凭据,我可以添加用户、删除用户、添加组、重命名任何对象等......但不能更改密码。
并不是说我尝试使用此代码并且它也不起作用:
public bool SetPassword(string userName, string newPassword, Domain.ActiveDirectory.Credentials credentials)
{
try
{
using (var pc = new PrincipalContext(ContextType.Domain, credentials.ServerName, credentials.OrganizationalUnitsDn + "," + credentials.DomainControllerName))
{
using (var user = UserPrincipal.FindByIdentity(pc, IdentityType.SamAccountName, userName))
{
if (user == null)
{
return false;
}
user.SetPassword(newPassword);
return true;
}
}
}
catch (Exception e)
{
return false;
}
}
有人有想法吗?
谢谢你。