Abhimanyu Abhimanyu - 3 months ago 23
ASP.NET (C#) Question

Getting user password from Active Directory

I am using active directory in my ASP.NET project and whenever user register in the site,an account is created in AD. There is an Forgot Password link.Is it possible to get user password from AD.I can get the name or email, but I don't know if I can get the password.

Answer Source

That is impossible. I would suggest that you do not implement 'forgot password' functionality, but rather 'reset password'. You generate a new password, reset the password in Active Directory and send the new password to the user.

EDIT: Based on the information in your comment. First of all, it is a very bad idea to use an administrator account the way you use it now, with the account name and password as part of your code. You're running an ASP.NET site, so you should configure the application pool to run with this account.

Second, you should simply create a DirectoryEntry with the correct path and reset the password. I'm not sure what your oEntry is:

var userEntry = new DirectoryEntry(
    "LDAP://CN=SomeUser,OU=Users,DC=yourdomain,DC=com");
using (userEntry)
{
    userEntry.Invoke("SetPassword", new object[] { "NewPassword" });
    userEntry.CommitChanges();
}