# Friday, 06 October 2006

I'd been having some trouble (read: beating my head against the wall) trying to get passwords set/changed for users in ADAM early this week.  Unfortunately, many of the available samples are geared toward IT rather than development users, so tend to be in script, etc.  I've been working from the excellent book "The .NET Developer's Guide to Directory Services Programming" by Joe Kaplan and Ryan Dunn.  Sadly, I couldn't get their password changing samples to work, although aside from that the information in the book has been invaluable. 

I finally found what I needed in an obscure section of the documentation after many a googling.  This article gave me the key info that made this work.  I haven't tried all the permutations, but I think the key piece I was missing was the right combination of AuthenticationTypes flags


            // Set authentication flags.

            // For non-secure connection, use LDAP port and

            //  ADS_USE_SIGNING |

            //  ADS_USE_SEALING |


            // For secure connection, use SSL port and


            AuthTypes = AuthenticationTypes.Signing |

                AuthenticationTypes.Sealing |



            // Bind to user object using LDAP port.



                objUser = new DirectoryEntry(

                    strPath, null, null, AuthTypes);



            catch (Exception e)


                Console.WriteLine("Error:   Bind failed.");

                Console.WriteLine("        {0}.", e.Message);



This sample worked just fine, and I was finally able to set or change passwords for ADAM users.  Once that's done, authenticating that user is as easy as

            DirectoryEntry de = new DirectoryEntry("LDAP://localhost:50000/RootDSE",





If the supplied password is correct, it succeeds, else you get an exception. 

Now I can get on with the interesting parts...