I am using the classes in System.DirectoryServices.AccountManagement namespace to interact with Active Directory from my web application. To authenticate user credentials against Active Directory I use the following line of code.
bool authSucceeded=principalContext.ValidateCredentials(userName, password);
where principalContext is the PrincipalContext instance. authSucceeded is true when a user is authenticated with the provided credentials. But this method fails when the 'change password on next login' policy is active. Those users, even if they are created with the password 'Abcd_10', are not authenticated.
Does anyone have an idea how I can authenticate a user in this state so that I can redirect him to a change password screen? I have written the code for all the other tasks. Only this one thing is missing.
Simply put, I need to know the reason why the principalContext.ValidateCredentials method returned false, e.g. incorrect password / invalid username / user is deactivated, OR my requirement (is he being authenticated for a password change).
If you have any ideas, please share.
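One way to get the failure reason asked about above, as an added example that is not part of the original post: bind with System.DirectoryServices.Protocols instead of ValidateCredentials and read the "data NNN" sub-code Active Directory places in the server error text of a failed bind (LDAP result 49). The names AdBindDiagnostics, BindResult, Classify and TryBind are hypothetical; it assumes the domain controller accepts LDAPS on port 636 and that userName is a UPN or DOMAIN\user value.

```csharp
using System.DirectoryServices.Protocols;
using System.Net;
using System.Text.RegularExpressions;

public enum BindResult { Success, InvalidCredentials, MustChangePassword,
                         PasswordExpired, Disabled, LockedOut, Other }

public static class AdBindDiagnostics
{
    // Constructed sample of the text AD returns on a failed simple bind:
    //   "80090308: LdapErr: DSID-XXXXXXXX, comment: AcceptSecurityContext error, data 773, v1db1"
    // The hex value after "data" is the Windows logon sub-status.
    public static BindResult Classify(string serverErrorMessage)
    {
        var m = Regex.Match(serverErrorMessage ?? "", @"\bdata\s+([0-9a-fA-F]+)");
        if (!m.Success) return BindResult.Other;
        switch (m.Groups[1].Value.ToLowerInvariant())
        {
            case "525":   // user not found: folded into the same result as a bad
            case "52e":   // password so callers cannot tell valid account names apart
                return BindResult.InvalidCredentials;
            case "532": return BindResult.PasswordExpired;
            case "533": return BindResult.Disabled;
            case "773": return BindResult.MustChangePassword; // pwdLastSet = 0
            case "775": return BindResult.LockedOut;
            default:    return BindResult.Other;
        }
    }

    public static BindResult TryBind(string server, string userName, string password)
    {
        var id = new LdapDirectoryIdentifier(server, 636);
        using (var conn = new LdapConnection(id))
        {
            conn.AuthType = AuthType.Basic;               // simple bind, so require TLS
            conn.SessionOptions.ProtocolVersion = 3;
            conn.SessionOptions.SecureSocketLayer = true;
            try
            {
                conn.Bind(new NetworkCredential(userName, password));
                return BindResult.Success;
            }
            catch (LdapException ex) when (ex.ErrorCode == 49) // invalidCredentials
            {
                return Classify(ex.ServerErrorMessage);
            }
        }
    }
}
```

Redirect to the change-password screen only on MustChangePassword, have that screen ask for the current password again, and show the same generic failure message for every other result.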