I’m stuck with the UserPrincipal class manipulating AD-LDS user-objects. While I can query users, change attributes and save them back to AD LDS, as soon as I try to set (or change) the password, I always get a PrincipalOperationException with the additional information “The directory property cannot be found in the cache.”
If I change the user’s password via ADSI-Edit, everything works fine. Therefore I assume it’s not a schema issue. I bind with simple binding and without SSL (it’s a development machine). I have allowed the unsecure password-setting option via dsmgmt. The user I use to connect is in the admin role of the directory hive where the users reside. The code looks like this (simplified):
    using (var ctx = GetPrincipalContext()) {
        UserPrincipal u = UserPrincipal.FindByIdentity(ctx, IdentityType.Name, identityValue);
        u.SetPassword("12345$äöAAA1234_");
        u.Save();
    }
where the context is created in GetPrincipalContext() like this:
    new PrincipalContext(ContextType.ApplicationDirectory, "localhost", "[DC=...]", ContextOptions.SimpleBind, "[username of adminuser]", "[Password of admin user]");
The same issue arises when I try to create a new UserPrincipal and then save it. I assume it is also because of the attached password.