Change local Windows user password
You can usually change your own password in Windows without administrator rights .
I am writing a tool to manage users and groups on multiple servers / clients. I also want to give the client the right to edit their password. Of course, clients do not have administrator rights. To change the password of an admin user , I used DirectoryEntry as follows:
try
{
DirectoryEntry localDirectory =
new DirectoryEntry("WinNT://" + Environment.MachineName.ToString());
DirectoryEntries users = localDirectory.Children;
DirectoryEntry user = users.Find(username);
user.Invoke("SetPassword", newPassword);
Console.WriteLine("Success!");
Console.ReadLine();
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
Console.ReadLine();
}
The problem is that DirectoryServices are not available without administrator rights. So I want to have a workaround that works without admin rights (just to change my own password).
source to share
SetPassword
requires admin rights to execute - this is not something you probably want to do. ChangePassword
is not used and cannot be used by the end users themselves. The old password and the new password are used as arguments. This would be the preferred way of doing this, and it would also confirm their identity.
source to share
In theory, you could use a workaround using the WinNT provider to create the object DirectoryEntry
, allowing the user to change passwords without granting domain administrator privileges. You can also view the provided code here using an encrypted database to store administrator credentials.
This is a dangerous move, perhaps depending on the nature of your storage (you could use a hash of the machine's MAC address as a password, perhaps?), But I'm not sure if there is another way to do it. As far as I know, eMi's answer wo n't work without an authenticated instance DirectoryEntry
, although I could be wrong.
source to share