Exception has been thrown by the target of an invocation – Access is denied

Problem

I have received the error “System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. —> System.UnauthorizedAccessException: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))
— End of inner exception stack trace —
at System.DirectoryServices.DirectoryEntry.Invoke(String methodName, Object[] args)
at System.DirectoryServices.AccountManagement.SDSUtils.ChangePassword(DirectoryEntry de, String oldPassword, String newPassword)
at System.DirectoryServices.AccountManagement.ADStoreCtx.ChangePassword(AuthenticablePrincipal p, String oldPassword, String newPassword)
” when I try to change an AD user password using C# code.

This is my C# code:

var userEntry = new DirectoryEntry("LDAP://<GUID=" + guid + ">");
    userEntry.Invoke("ChangePassword", new object[] { oldPassword, newPassword });
    userEntry.CommitChanges();

Solution

In my case, the reason for this error is that the problematic user has the property “UserCannotChangePassword” as true. You can check the user’s Account options: User cannot change password through ADUC console.

Change AD Password Exception has been thrown by the target of an invocation - Access is denied
Advertisement

Leave a Comment