Rick, I'll bet what you are doing wrong is to set the userAccountControl (to enable the account) when creating the user. Don't do that - create the user without setting userAccountControl, which will result in the created user being disabled, then set the password, then set userAccountControl to enable the user. This seems to work for me. I can send my code if you like (but it is in perl...)
-----Original Message----- From: Kingslan, Rick T. [mailto:[EMAIL PROTECTED] Sent: Thursday, October 16, 2003 7:06 AM To: [EMAIL PROTECTED] Subject: [ActiveDir] Creating programatically when password complexity is in force I've run into an interesting problem. If I create a user programatically, (using C#, but we've confirmed the same with VBScript) the password cannot be set until the user object exists. If I try it, we get the error: "Server is unwilling to process the request" when a SetInfo is done on the creation of the user object. All required fields for the user object are being entered, and checked per the 'Tuna' just to be sure. However, the user cannot exist with a blank password because the blank password violates the password complexity and the minimum length rules. And, as stated, the password cannot be set until the object exists. Would one of the scripting / programming geniuses that we have here tell me what I'm missing? I have to believe that there is a way to do this. Or, am I going to be relegated to using ADUC again to create my users (which is a major pain in the a$$, to say the least)? Rick Kingslan MCSE, MCSA, MCT Microsoft MVP - Active Directory LAN Administration - Windows 2000 West Corporation [EMAIL PROTECTED] List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/