Home/ Questions/Q 3214592
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-17T15:04:44+00:00

I’m writing a function for a web app in ASP.NET where the client logs

  • 0

I’m writing a function for a web app in ASP.NET where the client logs into the server machine, which is Windows authenticated against the local users on the server. The function I am writing resets the users password and emails them the new one. I do this like so:

String userPath = "WinNT://"  + Environment.MachineName + "/" + username.Text;
DirectoryEntry de = new DirectoryEntry(userPath);
de.Invoke("SetPassword", new object[] { password });

How can I also check the flag to force the user to change their password the next time they log in with the password emailed to them? I tried using pwdLastSet like so:

de.Properties["pwdLastSet"].Value = 0;

But this apparently only works with LDAP, not WinNT, and I am doing this locally.

Any experts know any better than me? I have even tried looking for a way to do this through the command line so that I can just create a Process, but I haven’t been able to find a way to do it that way, either.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    For WinNT, you must set the value to 1 rather than 0, and the property name is “PasswordExpired” rather than “pwdLastSet”; see http://msdn.microsoft.com/en-us/library/aa746542(VS.85).aspx

    In other words, do this for WinNT:

    de.Properties["PasswordExpired"].Value = 1;

    (It is confusing, I know, but for LDAP you need to set the property “pwdLastSet” to 0. How’s that for inconsistency!)

    • 0