Child Domain User Name: "The password change operation failed with the following message: User principal was not found"

Oct 30, 2014 at 11:07 AM
Hi. Please help...
I can change a root domain user (user@domain.com) but cannot change a child domain user (user@child.domain.com): "The password change operation failed with the following message: User principal was not found"
Coordinator
Oct 30, 2014 at 4:30 PM
As the instructions state, the user principal needs to be in the same domain as the domain-joined server where the web app is running. I don't think this supports child domains.
Oct 31, 2014 at 5:42 AM
Problem solved... I created 2 web servers, the 1st for the root domain and the 2nd for the child domain.
Is there a better idea?
Thanks Mario
Jan 22, 2015 at 3:02 PM
Hi cevox

I had the same problem. We also have an AD forest with three domains. After installing PassCore, changing passwords from domains other than the one the server (where PassCore is installed) belongs to worked. After a while it stopped working; only passwords from the same domain as the server could be changed.

After a short review of the source code I found the problem. PassCore uses the same domain context as the web server by default. You could add some code to check all of the domains your users belong to.

Comment out these lines in the source code in Controllers\HomeControllers.cs:
    // Default: the context of the domain the web server is joined to,
    // so users from other domains in the forest are never found.
    var principalContext = new PrincipalContext(ContextType.Domain);
    var userPrincipal = UserPrincipal.FindByIdentity(principalContext, model.UserPrincipalName);

    if (userPrincipal == null) throw new Exception("User principal was not found");
and add some code for each domain:
    // One context per domain in the forest (root and the two child domains).
    var principalContextDomain1 = new PrincipalContext(ContextType.Domain, "domain1.local");
    var principalContextDomain2 = new PrincipalContext(ContextType.Domain, "sub1.domain1.local");
    var principalContextDomain3 = new PrincipalContext(ContextType.Domain, "sub2.domain1.local");

    // Try each domain in turn until the user principal is found.
    var userPrincipal = UserPrincipal.FindByIdentity(principalContextDomain1, model.UserPrincipalName);
    if (userPrincipal == null)
    {
        userPrincipal = UserPrincipal.FindByIdentity(principalContextDomain2, model.UserPrincipalName);
        if (userPrincipal == null)
        {
            userPrincipal = UserPrincipal.FindByIdentity(principalContextDomain3, model.UserPrincipalName);
            if (userPrincipal == null)
            {
                throw new Exception("User principal was not found");
            }
        }
    }
And now it works. :-)
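A generalized version of the approach above, added here as an example that is not part of this thread or of PassCore's own code: instead of hard-coding the three domains, it enumerates every domain in the forest the web server's computer account belongs to, looks the user up by UPN only, skips domains whose controllers are unreachable, and disposes each PrincipalContext it does not end up using. It uses the same System.DirectoryServices.AccountManagement API the posted snippet uses; the class and method names (ForestUserLookup, ForestDomainNames, FindByUpnAcrossDomains, ChangePassword) are assumptions.

```csharp
using System;
using System.Collections.Generic;
using System.DirectoryServices.AccountManagement;
using System.DirectoryServices.ActiveDirectory;

// Assumed helper (not PassCore code): forest-wide user lookup for password changes.
public static class ForestUserLookup
{
    // Enumerates every domain in the forest the web server's computer account
    // belongs to, so child domains do not have to be hard-coded.
    public static IEnumerable<string> ForestDomainNames()
    {
        using (Domain computerDomain = Domain.GetComputerDomain())
        {
            foreach (Domain d in computerDomain.Forest.Domains)
                yield return d.Name;
        }
    }

    // Looks the user up by UPN in each domain in turn. Returns the principal and
    // the context it was found in (the caller disposes both); contexts that did not
    // contain the user are disposed here so LDAP connections are not leaked.
    public static UserPrincipal FindByUpnAcrossDomains(string upn,
        IEnumerable<string> domainNames, out PrincipalContext ownerContext)
    {
        foreach (string domainName in domainNames)
        {
            var context = new PrincipalContext(ContextType.Domain, domainName);
            UserPrincipal user = null;
            // Match on the UPN only, to avoid ambiguous sAMAccountName hits across domains.
            try { user = UserPrincipal.FindByIdentity(context, IdentityType.UserPrincipalName, upn); }
            catch (PrincipalServerDownException) { /* no DC reachable (firewall, trust): try the next domain */ }
            if (user != null) { ownerContext = context; return user; }
            context.Dispose();
        }
        ownerContext = null;
        throw new Exception("User principal was not found");
    }

    // Example caller: change the password once the user has been located.
    public static void ChangePassword(string upn, string oldPassword, string newPassword)
    {
        PrincipalContext ctx;
        using (UserPrincipal user = FindByUpnAcrossDomains(upn, ForestDomainNames(), out ctx))
        using (ctx)
            user.ChangePassword(oldPassword, newPassword);
    }
}
```

A PrincipalServerDownException for a domain is exactly the symptom a blocked firewall port between the web server and that domain's controllers produces, which is worth logging per domain when diagnosing the "did not work" case.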
Sep 1, 2015 at 3:21 PM
Hi keelste,
I tried your approach for the child domain, but it did not work. Do I need to do some additional settings?
Sep 7, 2015 at 12:59 PM
Hi rushideshmukh

No other special settings need to be done. Does your web server have a direct connection to Active Directory, or is something blocked by a firewall or similar?