在下次登录时更改密码登录方式与AdMembership providier [英] Change Password on next Logon for Forms Login with AdMembership providier

问题描述

我在做asp.net，使用FormsAuthentication与AdMembership proivder。

I'm doing asp.net, using FormsAuthentication with the AdMembership proivder.

我不得不手工编写了关于下次登录时更改密码屏幕，因为它不是nativley在供应商的支持。

I'm having to manually write a "change password on next logon" screen because it's not nativley supported in the provider.

我所说的：

if (Membership.Provider.ChangePassword(cpCv.LoginName, cpCv.OldPassword, cpCv.NewPassword))

要验证用户并更改密码（但不能清除下一次登录标志）

to validate the user and change the password (but not clear the "on next logon flag")

但总是失败， （我假设当更改密码在下次登录标志设置becasue会员验证失败。）

But it always fails, (I assume becasue membership validation fails when the "Change Password On Next Logon flag" is set.)

什么是验证用户的最简单的方法，所以我可以肯定的旧密码和重置密码，清除下一次登录标志前的用户名的比赛？

What is the easiest way to validate the user, so I can be sure the "old password" and "username" match before resetting the password and clearing the "on next logon" flag?

我已经得到了resetpassword和明确的标志的东西的工作，这是一个的把我卡住了验证。

I've got the resetpassword and clear flag stuff working, it's the validation that's got me stuck.

也试过这个code，如果复位标志是假的，它记录的，如果是真的就无法登录。

Also tried this code, If the Reset flag is false, it logs in, if true it fails to log in.

    DirectoryEntry de = new DirectoryEntry( path, "jcsn\\"+AdUserName, AdPassword );

    try
    {
        //Bind to the native AdsObject to force authentication.
        object obj = de.NativeObject;

        DirectorySearcher search = new DirectorySearcher( de );

        search.Filter = "(SAMAccountName=" + AdUserName + ")";
        search.PropertiesToLoad.Add( "cn" );
        SearchResult result = search.FindOne();

        if ( null == result )
        {
            return false;
        }

    }
    catch ( Exception ex )
    {
        throw new Exception( "Error authenticating user. " + ex.Message );
    }

谢谢

埃里克 -

推荐答案

尽管这是一个古老的线程，似乎没有答案。

Although this is an old thread, it seems unanswered.

在<一个href="http://bytes.com/topic/asp-net/answers/697504-cant-log-user-having-must-change-password-flag-set-forms-au"相对=nofollow>链接的论坛帖子，联系了微软对这个同样的问题是 Membership.ValidateUser（）返回假时的帐户选项开发商< STRONG>用户必须更改密码在下次登录是检查由系统管理员：

In the linked forum post, the developer contacted Microsoft on this same issue with Membership.ValidateUser() returning false when the Account Option for 'User must change password at next logon' was checked by a SysAdmin:

的ActiveDirectoryMembershipProvider不允许用户具有   用户必须更改密码在下次登录......标志设置为登录。   根据MS这是由设计：由于   ActiveDirectoryMembershipProvider不提供了一种机制，迫使   用户在日志给一个新的密码上，认证被阻止。

The ActiveDirectoryMembershipProvider does not allow users having the "User must change password on next logon...." flag set to log in. According to MS this is by design: Because the ActiveDirectoryMembershipProvider doesn't provide a mechanism to force the user to give a new password at log on, authentication is blocked.

他们继续给出提示，他们使用FormsAuthentication的安全API，但没有提供一个例子。

They went on to give a hint where they used the Security API with FormsAuthentication, but did not provide an example.

任何人有什么想法？

这篇关于在下次登录时更改密码登录方式与AdMembership providier的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！