Active Directory - Unable to change user account password

Hi There,

I am trying to change active directory user account password using ‘change user password’ activity under ‘Active directory domain services’ package.

but when i execute the password i get the following error
“Change User Password: An error has occurred: Exception has been thrown by the target of an invocation.”

@ovidiuponoran
@loginerror
@Palaniyappan

could you please help me with this?

@andreioros

1 Like

@AndersJensen

@sai_kumar

@rahul11

  1. The userDN’s value might not be correct - try getting the user eg by sAMAccountName with the GetObjectDistinguishedName activity and check afterwards if UserExists

  2. If the userDN is ok, the ActiveDirectoryScope activity credentials used to connect to the AD might not be ok (eg: not enough rights)

  • were you able to do other AD operations in the workflow with those credentials?

Hi @andreioros Thanks for the reply,

  1. I have tried getting the user with GetObjectDistinguishedName activity .A screenshot with the output of this activity which is Distinguished name of the user is attached. I have provided sAMAccountName as the input.

  2. You have suggested us to use UserExists after retrieving the DistinguishedName. But the ‘UserExists’ activity expects sAMAccountName as one of the input.
    a) If DN retrieved in the previous step is passed to UserExist without sAMAccountName the activity does not work.
    b) If DN along with sAMAccountName is provided to UserExist then the activity identifies that the UserExists but we are still not able to change the password.
    could you please explain how to achieve this?

  3. I have double checked the ActiveDirectoryScope activity credentials and they are working as expected. As mentioned we are able to retrieve the user DN.

  4. Other AD operations like unlock a user using the credentials are working as expected except the ‘ChangePassword’ acivity

  5. Fyi am the ActiveDirectory Admin, do let me know if something needs to be changed at AD level.

I did some tests on my side with all 1.2.x AD activity packs, all looks good.

Another cause that I think can generate an error is if you have password policies enforced - does the password you are setting respect the minimum complexity?