Changing a users password from code
Changing an Active Directory user password is not really too difficult. You can even build the function into your own application, by leveraging some Windows API functions.
Note that this doesn't bypass the security need of knowing the users old password! This is just a away you can add "change password" functionality to your own application, while still leveraging Active Directory security.
The Function takes 4 Parameters:
- Domain Name (ComputerName)
- User name
- Old password
- New password
Simply drop this next code segment into a module, and you it should work straight away.
Private Declare Function NetUserChangePassword _
Lib "Netapi32.dll" (ComputerName As Any, User As Any, _
OldPass As Any, NewPass As Any) As Long
Private Const ERROR_ACCESS_DENIED = 5&
Private Const ERROR_INVALID_PASSWORD = 86&
Private Const NERR_InvalidComputer = 2351
Private Const NERR_NotPrimary = 2226
Private Const NERR_UserNotFound = 2221
Private Const NERR_PasswordTooShort = 2245
Private Const ERROR_CANT_ACCESS_DOMAIN_INFO = 1351
'Changes the Password for the user "User" on the
'computer "Server" from "OldPassword" to "NewPassword"
Function ChangeUserPassword(ByVal Server As String, _
ByVal User As String, ByVal OldPassword As String, _
ByVal NewPassword As String) As String
Dim r As Long, msg As String
Dim bComputer() As Byte: bComputer = GetByteArray(Server)
Dim bUser() As Byte: bUser = GetByteArray(User)
Dim bOldPassword() As Byte: bOldPassword = GetByteArray(OldPassword)
Dim bNewPassword() As Byte: bNewPassword = GetByteArray(NewPassword)
r = NetUserChangePassword(bComputer(0), bUser(0), _
'check return value and represent as string
Select Case r
Case ERROR_ACCESS_DENIED: msg = "Error: Access denied."
Case ERROR_INVALID_PASSWORD: msg = "Error: Invalid password."
Case NERR_InvalidComputer: msg = "Fehler: Invalid Computer/Domainname."
Case NERR_NotPrimary: msg = "Error: This operation can only performed on the primary domain controler."
Case NERR_UserNotFound: msg = "Error: User not found."
Case NERR_PasswordTooShort: msg = "Error: Password does not match Password-Restrictions. (Password to short, to long or has already been used by this user.)"
msg = "Error: Error accessing info for domain controler. Maybe the computer is not available or access was denied."
Case 0: msg = "Operation performed successfully."
Case Else: msg = "Error: Unexpected Error " & r & " occured."
ChangeUserPassword = msg
'Converts a Unicode-String to a Unicode-Byte-Array.
'Is used because VB always passes Strings as ANSI instead of Unicode.
Private Function GetByteArray(ByVal str As String) As Byte()
Dim Buf() As Byte
Buf = str
ReDim Preserve Buf(Len(str) * 2 + 1)
GetByteArray = Buf
About the Author
dwirch has posted a total of 172 articles.
Comments On This Post
Do you have a thought relating to this post? You can post your comment here. If you have an unrelated question, you can use the Q&A section to ask it.
Or you can drop a note to the administrators if you're not sure where you should post.