I use classes in the System.DirectoryServices.AccountManagement namespace to interact with Active Directory from my web application. To authenticate user credentials against Active Directory, I use the following line of code.
bool authSucceeded = principalContext.ValidateCredentials(userName, password);
where principalContext is an instance of PrincipalContext. authSucceeded is true when the user is authenticated with the credentials provided. But this method fails when the "change password at next logon" policy is active. For these users, even if they are created with a password, say "Abcd_10", they are not authenticated.
Does anyone have an idea how I can authenticate a user in this state so that I can redirect him to the password change screen? I have written the code for all the other tasks, but that is not enough.
I just need to know the reason why the principalContext.ValidateCredentials method returns false: is it due to an incorrect password / invalid username / deactivated user, OR my case (the user is authenticated but has to change the password)?
If you have any ideas, please share.
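One way to tell these cases apart after ValidateCredentials returns false, as an added example that is not part of the original post. The names LogonState and LogonDiagnostics are hypothetical, and the code assumes that UserPrincipal.LastPasswordSet reads as null for an account flagged to change its password at next logon.

```csharp
using System;
using System.DirectoryServices.AccountManagement;

// Hypothetical names (LogonState, LogonDiagnostics); not part of the original post.
public enum LogonState
{
    Authenticated,
    UnknownUser,
    Disabled,
    LockedOut,
    MustChangePassword,   // the typed password is still unverified in this state
    BadPasswordOrOther
}

public static class LogonDiagnostics
{
    // Decision order kept in one pure method so it can be unit tested without a domain.
    public static LogonState Classify(bool validated, bool found, bool? enabled,
                                      bool lockedOut, DateTime? lastPasswordSet)
    {
        if (validated) return LogonState.Authenticated;
        if (!found) return LogonState.UnknownUser;
        if (enabled == false) return LogonState.Disabled;
        if (lockedOut) return LogonState.LockedOut;
        // Assumption: LastPasswordSet reads as null when pwdLastSet is 0,
        // which is how "must change password at next logon" is stored.
        if (lastPasswordSet == null) return LogonState.MustChangePassword;
        return LogonState.BadPasswordOrOther;
    }

    public static LogonState Check(PrincipalContext ctx, string userName, string password)
    {
        if (ctx.ValidateCredentials(userName, password))
            return LogonState.Authenticated;

        // The context's bind account needs read access to the user object.
        using (UserPrincipal user = UserPrincipal.FindByIdentity(ctx, userName))
        {
            if (user == null)
                return Classify(false, false, null, false, null);
            return Classify(false, true, user.Enabled,
                            user.IsAccountLockedOut(), user.LastPasswordSet);
        }
    }
}
```

MustChangePassword only describes the account and does not prove the typed password was correct, so the password change screen should ask for the current password again and call user.ChangePassword(oldPassword, newPassword), which the domain controller verifies. For every other failure state, show the caller the same generic error so the response does not reveal which accounts exist or are disabled.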