Possibly Broken after MS KB 3139921/3140410/3167679/3177108?

Oct 24, 2016 at 1:41 AM
Hello,
Firstly, thank you for such a good plugin - has been a great asset.
I think that it is now broken after recent Windows Updates changing 'things', possibly in this area of the code: user.ChangePassword(inpOldPassword.Value, inpNewPassword.Value).
Unfortunately I am not a coder and not sure how to fix this problem, however I believe that others are having similar problems, as found here:
Here
and:
Here

Error Received:
The system detected a possible attempt to compromise security. Please ensure that you can contact the server that authenticated you. (Exception from HRESULT: 0x800704F1).

Could you please confirm?
Is there an easy solution to the problem?

Thank you
Oct 26, 2016 at 12:57 AM
Edited Oct 26, 2016 at 1:02 AM
For some reason, in our environment, this is the fix for the problem seems to be with password complexity problems, and not showing the correct error (?!?).
Seems like the fix could be adding the following into the catch() block.

We have tested this in a lab environment, not yet implemented into production.
catch (Exception ex)
{
string stroPError5 = "The system detected a possible attempt to compromise security. Please ensure that you can contact the server that authenticated you. (Exception from HRESULT: 0x800704F1)";
...
else if (errMsg == stroPError5)
{
    divValidation.InnerHtml = "<br/><font color=red>User is attempting to reset password and it does not meet requirements specified by policy (length, history, complexity)<br/>All passwords will now need to be ***insert password complexity requirements here***</Font>";
    divError.InnerHtml = "";
}
I suppose that if that doesn't fix it for you, then you could try:
using (PrincipalContext ctx = new PrincipalContext(ContextType.Domain, "your.domain.here.com", null, ContextOptions.Negotiate, usrname, inpOldPassword.Value))
Not sure if usrname requires the @your.domain.here.com as per the answer HERE