A basic starting point

Aug 5, 2015 at 3:35 PM
Hi! I'm writing this as I have to deal with a GC setup to have
  • a user validate his credentials (no involvement of an admin)
  • a user have his password reset (through a admin user sitting on a specific DC)
  • a user have his account unlock (through a admin user sitting on a specific DC)
Detail: http://stackoverflow.com/questions/31772524/resetting-a-active-directory-user-password-in-a-forest

I'm looking at your wrapper but a simple sample pointing at how to start with it would help. Also, if you can understand my requirement maybe you can point me in the right direction as I was working on a simple AD setup was was able to use the .Net 3.5 APIs to accomplish the tasks. Now, nothing seems to be working for me. The admin user is on a specific DC and has visibility and access to other DCs and users.

I'm struggling with some points:
  • The PrincipleContext API is not going to work for me. After research, I found that I can have the validation work by appending a GC port number while initiating the context but same cannot be done for reset scenario. Then, the admin credentials are used while rendering the context but upon attempting to call SetPassword, I get an error telling me NOT to specify GC port and if I do that, I fail to retrieve the user if he is in a separate child domain or other DC
  • I'm also confused regarding the format of names here. I think I need to specify names (users and admin) as principle names (name@domain.com) at least. With so many sub domains, the samaccount name is not guaranteed to be unique. Which led me to your article.
Any help will be greatly appreciated.