Password synchronization Extension

I have 2 MAs: AD MA and SQL MA.

Want to synchronize password from AD to SQL.

SQL has following table

FirstName LastName EmployeeType EmploymentStatus EmployeeID OfficeTelephone MobilePhone ID AppPassword

PCNS is installed with target specified. Password management is enabled under Tools->Options, for AD MA and SQL MA.

I have written a password extension for SQL MA

using System;
using System.IO;
using System.Xml;
using System.Text;
using System.Collections.Specialized;
using Microsoft.MetadirectoryServices;
using System.Data.SqlClient;

namespace Miis_PasswordManagement
{
    public class MAPasswordManagement :
        IMAPasswordManagement
    {
        //
        // Constructor
        //
        public MAPasswordManagement(
            )
        {
            
        }


        public void BeginConnectionToServer(            
            string connectTo,
            string user,
            string password
            )
        {
            try
            {
                string connectionString = null;
                SqlConnection cnn;
                connectionString = "Data Source=win2k8base;Initial Catalog=TelephoneDB;Integrated Security=SSPI";
                cnn = new SqlConnection(connectionString);
                cnn.Open();
            }
            catch (Exception Ex)
            {
                //
                // TODO: Remove this throw statement if you implement this method
                //
                //throw new EntryPointNotImplementedException();
                throw new UnexpectedDataException("Error Begintoconnect" + Ex);
            }
        }

        public void EndConnectionToServer(
            )
        {
            

            //cnn.close();
            //
            // TODO: Remove this throw statement if you implement this method
            //
            //throw new EntryPointNotImplementedException();
        }
        
        public ConnectionSecurityLevel GetConnectionSecurityLevel(
          )
        {
         //
            // TODO: Remove this throw statement if you implement this method
            //
           throw new EntryPointNotImplementedException();
        }
        
        public void SetPassword(
            CSEntry csentry, 
            string  NewPassword
            )
        {
            try
            {
                SqlCommand sqlCmd = new SqlCommand();
                string DN = csentry.DN.ToString();
                               
                String SQLString = "UPDATE [TelephoneDB].[dbo].[EmployeesData] SET [AppPassword] = '" + NewPassword + "' WHERE ID = '" + DN + "'";
                sqlCmd.CommandText = SQLString;
                //sqlCmd.connection = sqlconnection;
                sqlCmd.ExecuteNonQuery();
                sqlCmd.Dispose();
            }
            catch (Exception Ex)
            {
                throw new UnexpectedDataException("Error SetPassword" + Ex);
                //

                // TODO: Remove this throw statement if you implement this method
                //
                //throw new EntryPointNotImplementedException();
            }
        }
 
      public void ChangePassword(
        CSEntry csentry, 
      string  OldPassword,
      string  NewPassword
            )
       {
            //
            // TODO: Remove this throw statement if you implement this method
            //
            //throw new EntryPointNotImplementedException();
      }
      
        public void RequireChangePasswordOnNextLogin(
            CSEntry csentry, 
            bool    fRequireChangePasswordOnNextLogin
            )
        {
            throw new EntryPointNotImplementedException();
        }
    }
}

PCNS is getting the password and sending it to SQL. It is able to get the DN for which it needs to set the password

 Event 

A password notification was successfully staged for synchronization. 

Additional information: 
Reference ID: {1A8ED5DB-2A17-4FE9-A28D-43C354461B4B} 
Target Object GUID: {A409AC81-A17F-E411-B681-000C29F9D1D0} 
Target MA Name: Telephone 
Target DN: 2

But then FIM sync fails with the following error

A password synchronization set operation has failed in a target connected data source. 
 
Additional information: 
Tracking ID: {C2061DB0-61D1-49EB-92B1-07DA6E747284} 
Reference ID: {1A8ED5DB-2A17-4FE9-A28D-43C354461B4B} 
Target Object GUID: {A409AC81-A17F-E411-B681-000C29F9D1D0} 
Target DN: 2 
Target MA Name: Telephone 
Retry Count: 1 
ErrorCode: 0x80230730 
ErrorString: (The password extension does not implement the entry point.)

Any suggestions?

June 18th, 2015 8:51am

Adi - presuming you've followed instructions like https://msdn.microsoft.com/en-us/library/windows/desktop/ms695379(v=vs.100).aspx to the letter, I suspect the problem here is that you haven't implemented the ChangePassword interface, and this is the one that PCNS is looking for. I don't know this for sure but it is an educated guess (it is about 5 years since I wrote one of these). What I do know for sure is that the (admin only) SetPassword idea generally differs from the (normal user) ChangePassword idea which PCNS is trying to capture and relay via FIM to your SQL table. I would implement this interface (for now don't worry about the OldPassword parameter - you may choose to fail the attempt later if the OldPassword parameter value doesn't match what is in your SQL table at the time of the request).
June 19th, 2015 2:48pm

Thanks Bob. I tried with Change password interface but it gives the same error.
June 22nd, 2015 6:04am

Then it sounds like your DLL isn't being loaded - are you compiling to the correct .Net version matching your miiserver.exe.co
June 22nd, 2015 10:38am

I compiled the password extension with .NET 3.5

miisserver.exe.config file is like this

<startup useLegacyV2RuntimeActivationPolicy="true">
     <supportedRuntime version="v2.0.50727"></supportedRuntime>
     <supportedRuntime version="v4.0"></supportedRuntime>

  </startup>

June 23rd, 2015 6:21am

What about this section?

<runtime>
    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
      <dependentAssembly>
        <assemblyIdentity name="Microsoft.MetadirectoryServicesEx" publicKeyToken="31bf3856ad364e35" />
        <bindingRedirect oldVersion="3.3.0.0-4.1.3.0" newVersion="4.1.4.0" />
      </dependentAssembly>
      <probing privatePath="Assemblies" />
    </assemblyBinding>
  </runtime>

June 23rd, 2015 7:24pm

<runtime>
    <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
      <dependentAssembly>
        <assemblyIdentity name="Microsoft.MetadirectoryServicesEx" publicKeyToken="31bf3856ad364e35" />
        <bindingRedirect oldVersion="3.3.0.0-4.1.3.0" newVersion="4.1.4.0" />
      </dependentAssembly>
      <probing privatePath="Assemblies" />
    </assemblyBinding>
  </runtime>

June 24th, 2015 8:18am

This topic is archived. No further replies will be accepted.
