Normally when I am writing administrative code against Active Directory I will try to stick to a single domain controller because replication will cause creates, updates, and deletes to be unreliable when talking to the domain name. I don't know the answer off the top of my head but there is a list on Yahoo that is dedicated to adsi and directoryservices. Maybe somebody there will know for sure. Either way it seems that you are suffering from delays in replication between domain controllers. I am surprised that you can log in with both set of credentials. I guess after about 15 minutes this is not that case anymore, and only the new set of credentials are valid.
Checkout: [EMAIL PROTECTED] > > -----Original Message----- > From: Moderated discussion of advanced .NET topics. > [mailto:[EMAIL PROTECTED] On Behalf Of Ollie Riches > Sent: Monday, June 09, 2003 2:47 AM > To: [EMAIL PROTECTED] > > I am invoking the 'ChangePassword' method on the > DirectoryEntry object for a user, this successfully changes > the passsword for the user and I can login with the new > password, BUT the old password is also valid so I can login > with either the new or old password until the win32 process > has been shutdown. It appears the changes are not getting > flushed into the AD correctly.... > > Has anyone else seen this? > > Has anyone got a solution? > > I have tried turning off property caching using the 'UsePropertyCache' > property and then reloading the properties using the > 'RefreshCache' method but this did not help. > > The code used to reset the password is shown below:- > > private void > ChangePassword(System.DirectoryServices.DirectoryEntry entry, > string oldPassword, string newPassword) { object[] pwd = new > object[] {oldPassword, newPassword}; > entry.Invoke("ChangePassword", pwd); //Commit the changes > back into directory service entry.CommitChanges(); > entry.RefreshCache(); } > > Cheers in Advance > > Ollie >
