Permissions in Active Directory
Hi,
I have a problem creating an ACE.
My goal is, in fact, to put the "Reset Password" permission on a computer object in AD (for RIS installation purposes).
With this code, I can get the security permissions and read them, but I can't set them.
It's my first contact with security descriptors and... it's not glorious... :)
A little code is better than a long speech, so:
ActiveDs.SecurityDescriptor sd = null;
ActiveDs.AccessControlList dacl = null;
ActiveDs.AccessControlEntry NewAce = new AccessControlEntryClass();
string ComputerPath;
ComputerPath = "LDAP://domaine.com/CN=test,OU=Just Created,OU=IT,OU=Bruxelles,OU=Belgium,OU=all computers,DC=domaine,DC=com";
// Bind to the computer object with explicit credentials
DirectoryEntry dsobject = new DirectoryEntry(ComputerPath, "login", "password");
// Read the security descriptor and its DACL
sd = (SecurityDescriptor) dsobject.Properties["ntSecurityDescriptor"].Value;
dacl = (ActiveDs.AccessControlList) sd.DiscretionaryAcl;
// Fill in the new ACE
NewAce.AccessMask = 0x256;
NewAce.AceType = 0x5;
NewAce.AceFlags = 0;
NewAce.Trustee = @"domaine\user";
NewAce.Flags = 0x1;
NewAce.ObjectType = "{00299570-246D-11D0-A768-00AA006E0529}";
// Write the descriptor back to the object
sd.DiscretionaryAcl = dacl;
dsobject.Properties["ntSecurityDescriptor"].Value = sd;
dsobject.CommitChanges();
Each time I compile my code, I get an error:
The security ID structure is invalid.
Exception Details: System.Runtime.InteropServices.COMException: The security ID structure is invalid.
I've been searching for a long time now, and I compared with Microsoft's docs, but... it doesn't work...
If anyone can help me a bit, it would be really kind :)
Thanks for reading!
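Added example, not part of the original post: the same "Reset Password" grant written with the managed System.DirectoryServices access-rule API instead of the ActiveDs COM interop used in the post. The LDAP path and account are placeholders, and the class and method names are illustrative.

```csharp
using System;
using System.DirectoryServices;
using System.Security.AccessControl;
using System.Security.Principal;

static class ResetPasswordDelegation
{
    // Same extended-right GUID as the ObjectType in the post ("Reset Password").
    static readonly Guid ResetPassword = new Guid("00299570-246D-11D0-A768-00AA006E0529");

    // Returns true if an ACE was added, false if an equivalent explicit ACE already existed.
    public static bool Grant(DirectoryEntry target, string account)
    {
        // Resolve the trustee first: an unresolvable name throws
        // IdentityNotMappedException here, before the directory is touched.
        SecurityIdentifier sid = (SecurityIdentifier)
            new NTAccount(account).Translate(typeof(SecurityIdentifier));

        ActiveDirectorySecurity acl = target.ObjectSecurity;

        // Look only at explicit ACEs so the grant is idempotent on this object.
        foreach (ActiveDirectoryAccessRule r in
                 acl.GetAccessRules(true, false, typeof(SecurityIdentifier)))
        {
            if (r.IdentityReference.Equals(sid)
                && r.AccessControlType == AccessControlType.Allow
                && (r.ActiveDirectoryRights & ActiveDirectoryRights.ExtendedRight) != 0
                && r.ObjectType == ResetPassword)
                return false; // already delegated, leave the DACL unchanged
        }

        // ExtendedRight is 0x100 (ADS_RIGHT_DS_CONTROL_ACCESS); supplying a GUID
        // yields an object ACE (ACCESS_ALLOWED_OBJECT, type 0x5) scoped to that right.
        acl.AddAccessRule(new ActiveDirectoryAccessRule(
            sid, ActiveDirectoryRights.ExtendedRight, AccessControlType.Allow, ResetPassword));
        target.CommitChanges();
        return true;
    }

    static void Main()
    {
        // Placeholder path and account: substitute real values before running.
        using (DirectoryEntry computer =
               new DirectoryEntry("LDAP://CN=test,OU=Example,DC=example,DC=com"))
        {
            Console.WriteLine(Grant(computer, @"EXAMPLE\user") ? "ACE added" : "ACE already present");
        }
    }
}
```

The grant is limited to the single extended right on the single object, so the trustee gains nothing beyond resetting that computer account's password.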