Microsoft KB Archive/290278

{|
 * width="100%"|

PRB: Error 0x8007202f When You Use ADSI 2.5 to Set Password in Active Directory

 * }

Q290278

-

The information in this article applies to:


 * Microsoft Active Directory Service Interfaces, version 2.5
 * Microsoft Windows 2000 Server
 * Microsoft Windows 2000 Advanced Server

-

SYMPTOMS
When you use Active Directory Service Interfaces (ADSI) 2.5 to set a password on an object in the Active Directory (AD), you receive error 0x8007202f (ERROR_DS_CONSTRAINT_VIOLATION) or the following error message:

Automation error: Logon failure: unknown user name or bad password

CAUSE
This error occurs when the password for the object is not enclosed in quotation marks.

RESOLUTION
To set a password that is enclosed in quotation marks, use the following code samples as an example.

In Microsoft Visual Basic or VBScript:

oUser.SetPassword Chr(34) & &quot;newPassword&quot; & Chr(34) In Microsoft Visual C++:

 // 0x22 = 34 decimal wsprintf(buffer, &quot;\x22%s\x22&quot;, sPassword); hrSet = pNewUser->SetPassword(buffer);

MORE INFORMATION
When a password is set, the Active Directory expects that the password string be enclosed in quotation marks. When you use ADSI 2.5 over a 128-bit Secure Sockets Layer (SSL) connection, you must enclose passwords in quotation marks. Later versions of ADSI will enclose the password string in quotation marks by default so that the programmer does not have to add quotation marks to the password string.

If you use later versions of ADSI, or if you use ADSI 2.5 and do not use a 128-bit SSL connection, the password is set with the additional quotation marks. For example, if the password string is 'dog', and you call the IADsUser::SetPassword method, the password string is enclosed in quotation marks so that the password is set to '&quot;dog&quot;'.