fortypoundhead.com

Changing a users password from code

Posted On 2012-09-16 by dwirch
Keywords:
Tags: Visual Basic 6 Tutorial Tip Windows
Views: 1369


Changing an Active Directory user password is not really too difficult. You can even build the function into your own application, by leveraging some Windows API functions.

Note that this doesn't bypass the security need of knowing the users old password! This is just a away you can add "change password" functionality to your own application, while still leveraging Active Directory security.

The Function takes 4 Parameters:

  • Domain Name (ComputerName)
  • User name
  • Old password
  • New password

Simply drop this next code segment into a module, and you it should work straight away.
Option Explicit

Private Declare Function NetUserChangePassword _
Lib "Netapi32.dll" (ComputerName As Any, User As Any, _
OldPass As Any, NewPass As Any) As Long

Private Const ERROR_ACCESS_DENIED = 5&
Private Const ERROR_INVALID_PASSWORD = 86&
Private Const NERR_InvalidComputer = 2351
Private Const NERR_NotPrimary = 2226
Private Const NERR_UserNotFound = 2221
Private Const NERR_PasswordTooShort = 2245
Private Const ERROR_CANT_ACCESS_DOMAIN_INFO = 1351

'Changes the Password for the user "User" on the
'computer "Server" from "OldPassword" to "NewPassword"

Function ChangeUserPassword(ByVal Server As String, _
ByVal User As String, ByVal OldPassword As String, _
ByVal NewPassword As String) As String

Dim r As Long, msg As String

'Create Unicode-Arrays
Dim bComputer() As Byte: bComputer = GetByteArray(Server)
Dim bUser() As Byte: bUser = GetByteArray(User)
Dim bOldPassword() As Byte: bOldPassword = GetByteArray(OldPassword)
Dim bNewPassword() As Byte: bNewPassword = GetByteArray(NewPassword)

'call API-Function
r = NetUserChangePassword(bComputer(0), bUser(0), _
bOldPassword(0), bNewPassword(0))

'check return value and represent as string
Select Case r
Case ERROR_ACCESS_DENIED: msg = "Error: Access denied."
Case ERROR_INVALID_PASSWORD: msg = "Error: Invalid password."
Case NERR_InvalidComputer: msg = "Fehler: Invalid Computer/Domainname."
Case NERR_NotPrimary: msg = "Error: This operation can only performed on the primary domain controler."
Case NERR_UserNotFound: msg = "Error: User not found."
Case NERR_PasswordTooShort: msg = "Error: Password does not match Password-Restrictions. (Password to short, to long or has already been used by this user.)"
Case ERROR_CANT_ACCESS_DOMAIN_INFO
msg = "Error: Error accessing info for domain controler. Maybe the computer is not available or access was denied."
Case 0: msg = "Operation performed successfully."
Case Else: msg = "Error: Unexpected Error " & r & " occured."
End Select

ChangeUserPassword = msg
End Function

'Converts a Unicode-String to a Unicode-Byte-Array.
'Is used because VB always passes Strings as ANSI instead of Unicode.

Private Function GetByteArray(ByVal str As String) As Byte()
Dim Buf() As Byte
Buf = str
ReDim Preserve Buf(Len(str) * 2 + 1)

GetByteArray = Buf
End Function


About the Author

dwirch has posted a total of 172 articles.

 


Comments On This Post

By: AnonymousCoward
Date: 2016-12-27

This doesn't work in my application. I keep getting the same error that the password is shorter than required, or too long, or doesn't meet the policy requirements. I know it meets the policy requirements and I know it's not too short or too long. No matter what I try it doesn't work. I'm using Win2008 server and I've heard other people say it won't work for them either. It did work on Win2003 server but not 2008.

 

lsalvucci@comcast.net

Larry

By: dwirch
Date: 2016-12-27

I will see if I can figure out why it is not working on 2008 or newer.


Do you have a thought relating to this post? You can post your comment here. If you have an unrelated question, you can use the Q&A section to ask it.

Or you can drop a note to the administrators if you're not sure where you should post.


Your IP address is:54.211.127.89

Before you can post, you need to prove you are human. If you log in, this test goes away.



Recent Forum Posts

Job Spammer: Sathya Narayana
dwirch posted on March 15, 2017 at about 7:18 in Spammers

Job Spammer: Manish Kumar
dwirch posted on March 14, 2017 at about 17:44 in Spammers

Site Migration Complete
dwirch posted on March 12, 2017 at about 11:10 in Site News

Site Migration Complete
dwirch posted on March 11, 2017 at about 0:35 in Site News

Job Spammer: Jason Weinstein
dwirch posted on March 10, 2017 at about 14:00 in Spammers

Job Spammer: Ryan Wilson
dwirch posted on March 8, 2017 at about 17:00 in Spammers