Problem
I am receiving the error “The server is unwilling to process the request” when changing the AD attribute userAccountControl to enable user account in C#. I am using the below C# code to enable AD user account and reset password.
public static void EnableADUser(string username) { DirectoryEntry user = new DirectoryEntry("LDAP://CN="+username+ ",OU=TestOU,DC=TestDomain,DC=com"); int old_UAC = (int)user.Properties["userAccountControl"][0]; // Enable User Account user.Properties["userAccountControl"][0] = (old_UAC & ~2); user.CommitChanges(); // Reset Password user.Invoke("SetPassword", new object[] { "MyP@$w0rd" }); user.CommitChanges(); }
Cause
The cause of the problem is, we are modifying new user attribute before Set the Password. So, we should set the password for new user before making any attribute change. I have changed my C# code to reset password first and change attribute.
public static void EnableADUser(string username) { DirectoryEntry user = new DirectoryEntry("LDAP://CN="+username+ ",OU=TestOU,DC=TestDomain,DC=com"); // Reset Password user.Invoke("SetPassword", new object[] { "MyP@$w0rd" }); user.CommitChanges(); int old_UAC = (int)user.Properties["userAccountControl"][0]; // Enable User Account user.Properties["userAccountControl"][0] = (old_UAC & ~2); user.CommitChanges(); }
Advertisement
omg finally, 3 hours lost on this