Cyberherbalist

Reputation: 12309

How does one require a password to be changed when setting an Active Directory password programmatically?

I am using the following code to reset a user's Active Directory password.

using (var context = new PrincipalContext( ContextType.Domain ))
{
    using (var user = UserPrincipal.FindByIdentity( context, IdentityType.SamAccountName, userName ))
    {
        user.SetPassword( "newpassword" );
    }
}

But I need to be able to require the user to change the password after the first time they log in. I can't find a method or setting or property that does the job, however. It is evident that this can be done, I just can't find out how!

Upvotes: 2

Views: 302

Answers (1)

marc_s

Reputation: 754250

You need to expire the newly created password right away - try this:

using (var context = new PrincipalContext(ContextType.Domain))
using (var user = UserPrincipal.FindByIdentity(context, IdentityType.SamAccountName, userName))
{
    user.SetPassword("newpassword");
    user.ExpirePasswordNow();
}

See the MSDN docs on ExpirePasswordNow for more details.

Upvotes: 4
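
A fuller version of the reset shown in the answer above, as an added example that is not part of the original question or answer. It generates a random one-time password instead of a fixed string and refuses accounts where the forced change would not take effect: Active Directory does not enforce "must change at next logon" (pwdLastSet = 0) while "password never expires" is set. The class and method names and the fixed complexity suffix are assumptions made for illustration.

```csharp
using System;
using System.DirectoryServices.AccountManagement;
using System.Security.Cryptography;

static class TemporaryPasswordReset   // hypothetical helper, not from the page
{
    // Sets a random one-time password, expires it, and returns it so the
    // caller can hand it to the user out of band.
    public static string ResetAndForceChange(string samAccountName)
    {
        using (var context = new PrincipalContext(ContextType.Domain))
        using (var user = UserPrincipal.FindByIdentity(
                   context, IdentityType.SamAccountName, samAccountName))
        {
            if (user == null)
                throw new ArgumentException("No such account: " + samAccountName);

            // With "password never expires" set, the directory ignores the
            // expired state, so the user would never be prompted.
            if (user.PasswordNeverExpires)
                throw new InvalidOperationException(
                    "Account is flagged 'password never expires'.");

            // A user who is not allowed to change the password cannot
            // complete the forced change at logon.
            if (user.UserCannotChangePassword)
                throw new InvalidOperationException(
                    "Account is flagged 'user cannot change password'.");

            string temporary = NewTemporaryPassword();
            user.SetPassword(temporary);  // PasswordException if policy rejects it
            user.ExpirePasswordNow();     // user must change it at next logon
            return temporary;
        }
    }

    // 18 random bytes as base64 (24 characters) plus a fixed suffix, which is
    // an assumption added so every value has upper case, lower case, a digit
    // and a symbol for complexity policies.
    static string NewTemporaryPassword()
    {
        var bytes = new byte[18];
        using (var rng = RandomNumberGenerator.Create())
            rng.GetBytes(bytes);
        return Convert.ToBase64String(bytes) + "aA1!";
    }
}
```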
