Setting "User Cannot Change Password" via LDAP
CodeGuru Home VC++ / MFC / C++ .NET / C# Visual Basic VB Forums Developer.com
Results 1 to 3 of 3

Thread: Setting "User Cannot Change Password" via LDAP

  1. #1
    Join Date
    Feb 2005
    Posts
    35

    Question Setting "User Cannot Change Password" via LDAP

    We manage all accounts centrally, including new account requests. This has been a two step process where a network account was first created that dealt with most campus wide services and then a separate Windows domain account was created for student lab and staff use. I am trying to simplify that and I am able to create the domain account via a standard LDAP API as well as set a synchronized password. But the one thing we want to insure is that domain users only change their passwords through the centralized service and not locally from within Windows -- that way passwords stay in sync. The problem is disabling the user's ability. However, doing this requires setting an ACE in the ntSecurityDescriptor attribute of the entry. While I can do that via a vbs script, that also defeats the purpose of managing everything centrally. Is there a way to set the ACE via LDAP over the network, and does anyone have any code examples?

    Thanks,
    Rob

  2. #2
    Join Date
    Mar 2006
    Posts
    1

    Re: Setting "User Cannot Change Password" via LDAP

    Did you ever figure this out? I am attempting to do something similar and have yet to find any good examples ....

  3. #3
    Join Date
    Feb 2005
    Posts
    35

    Re: Setting "User Cannot Change Password" via LDAP

    We eventually hired a Windows sysadmin who actually knows his stuff and how to set policies. He used a group policy to globally disable a user's ability to change his or her password. They are therefore forced to use the main webtool that keeps everything in sync.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  


Windows Mobile Development Center


Click Here to Expand Forum to Full Width

This is a CodeGuru survey question.


Featured


HTML5 Development Center