ASP.NET WEb Application - AD reset Password using impersonation RRS feed

  • Question

  • User-2093697764 posted

    I have created the web apps to reset the AD password using impersonation?

    Some of my AD user I can reset password, but some user I am getting this error..

    Why I am getting this error. Please help me


    <identity impersonate="true" userName="domain\username" password="password" />

    Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))

    Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

    Exception Details: System.UnauthorizedAccessException: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))

    ASP.NET is not authorized to access the requested resource. Consider granting access rights to the resource to the ASP.NET request identity. ASP.NET has a base process identity (typically {MACHINE}\ASPNET on IIS 5 or Network Service on IIS 6) that is used if the application is not impersonating. If the application is impersonating via <identity impersonate="true"/>, the identity will be the anonymous user (typically IUSR_MACHINENAME) or the authenticated request user.

    To grant ASP.NET access to a file, right-click the file in Explorer, choose "Properties" and select the Security tab. Click "Add" to add the appropriate user or group. Highlight the ASP.NET account, and check the boxes for the desired access.

    Source Error:

    Line 88:                                     // Change the user's password and commit the change.
    Line 89:                                     string newpassword = "@test12345";
    Line 90: userEntry.Invoke("SetPassword", newpassword); Line 91:                                     userEntry.CommitChanges();
    Line 92: 

    Source File: t:\dev.avila.edu\ASPNET\ADAdmin\Default.aspx.cs    Line: 90

    Stack Trace:

    [UnauthorizedAccessException: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))]
    [TargetInvocationException: Exception has been thrown by the target of an invocation.]
       System.DirectoryServices.DirectoryEntry.Invoke(String methodName, Object[] args) +238
       Default2.ResetUserPassword(Object sender, EventArgs e) in t:\dev.avila.edu\ASPNET\ADAdmin\Default.aspx.cs:90
       System.Web.UI.WebControls.Button.OnClick(EventArgs e) +111
       System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument) +110
       System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument) +10
       System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument) +13
       System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData) +36
       System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +1565
    Wednesday, February 13, 2013 9:11 AM


All replies

  • User-718146471 posted

    Check what the app pool configured identity is. That is where you actually can force the app to impersonate.

    Wednesday, February 13, 2013 2:22 PM
  • User-718146471 posted

    Check over this article: http://msdn.microsoft.com/en-us/library/xh507fc5(v=vs.100).aspx

    <identity impersonate="true" 
      password="********" />

    That should work. If not, I would check that the user you specified actually is an AD administrator.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Wednesday, February 13, 2013 2:28 PM
  • User-2093697764 posted


    I have added already  in my web.config

    <identity impersonate="true" 
    userName="domain\user"   password="********" />I


    Ok  I will try AD Administrator access .

    Wednesday, February 13, 2013 3:16 PM