Ok, that's what I needed to see. In the code below, you are trying to bind
to the directory under the identity of the current security context
(System.Security.Principal.WindowsIdentity.GetCurrent().Name). Depending on
how your web application is configured, this may or may not be the user you
want it to be. For that to be the browser user, you need to have integrated
or basic auth configured in IIS (no anonymous), need to have Windows auth
configured in ASP.NET and need to have <identity impersonate="true"/>.
Without impersonation, you'll have the process account and that won't work,
as the process account should not be changing the user's own password. That
also may not work for a variety of other reasons.

Based on the errors you are getting (operations error), it looks like your
bind to the directory may not be working and it is trying to log in as
anonymous instead, which causes the operations error in 2003 AD. To know
for sure, it would be helpful to see the entire stack trace of the exception
instead of just the error code.

Another thing to be concerned about in a web application is that in order to
use integrated auth and impersonation to bind as the remote browser user,
you will need to implement Kerberos delegation. It isn't the hardest thing
in the world, but it is non-trivial and can be very confusing if you've
never done it before.

In your case, given that you have the user's username and their current
password, it may be easier to bypass these issues entirely and just use
those in your DirectoryEntry constructor. You may also need to add a domain
name to your LDAP path in case serverless binding isn't working in the
current security context.

This will not necessarily get ChangePassword working, as its success depends
a great deal on other environment factors such as the availability of
SSL/LDAP on the DC or whether or not a NetUserChangePassword RPC call can be
made to work. I go into more details on that in ch 10 of the book.

Best of luck!

Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
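
The approach suggested in the reply above (bind with the user's own username and current password, against a domain-qualified LDAP path), as an added example that is not from the original post or the book. The domain name is a placeholder passed in by the caller, and the class and method names are hypothetical.

```csharp
using System;
using System.Diagnostics;
using System.DirectoryServices;
using System.Reflection;
using System.Runtime.InteropServices;

public static class SelfServicePasswordChange   // hypothetical helper class
{
    // domainDns is a placeholder such as "corp.example.com" (assumption).
    public static void ChangePassword(string domainDns, string samAccountName,
                                      string currentPassword, string newPassword)
    {
        // Domain-qualified path, so nothing depends on serverless binding.
        string rootPath = "LDAP://" + domainDns;
        // Implicit UPN form (sAMAccountName@domain DNS name).
        string bindUser = samAccountName + "@" + domainDns;
        try
        {
            using (var root = new DirectoryEntry(rootPath, bindUser, currentPassword,
                                                 AuthenticationTypes.Secure))
            using (var searcher = new DirectorySearcher(root))
            {
                // Force the bind now so bad credentials fail here, not mid-search.
                object native = root.NativeObject;
                searcher.Filter = "(&(objectCategory=person)(objectClass=user)(sAMAccountName="
                                  + EscapeFilter(samAccountName) + "))";
                SearchResult hit = searcher.FindOne();
                if (hit == null)
                    throw new InvalidOperationException("User not found in " + domainDns);
                using (var user = new DirectoryEntry(hit.Path, bindUser, currentPassword,
                                                     AuthenticationTypes.Secure))
                {
                    user.Invoke("ChangePassword", new object[] { currentPassword, newPassword });
                }
            }
        }
        catch (Exception ex) when (ex is TargetInvocationException || ex is COMException)
        {
            // Invoke wraps the ADSI failure; record the full chain and stack trace,
            // not just the error code, then let the caller handle it.
            Trace.TraceError(ex.ToString());
            throw;
        }
    }

    // Escape LDAP filter metacharacters in user-supplied input (backslash first).
    static string EscapeFilter(string value)
    {
        return value.Replace("\\", "\\5c").Replace("*", "\\2a").Replace("(", "\\28")
                    .Replace(")", "\\29").Replace("\0", "\\00");
    }
}
```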