C#:ActiveDirectory : Check User cannot change password

in project add COM reference to "Active DS Type Library" COM library v1.0
usually located in C:\WINDOWS\system32\activeds.tlb.

using ActiveDs;
        public void CheckUserCanChangePasswordsProperty()
        {
            DirectoryEntry de = GetDirectoryObject(UserName);
            string PASSWORD_GUID = "{ab721a53-1e2f-11d0-9819-00aa0040529b}";
            string[] trustees = { "NT AUTHORITY\\SELF", "EVERYONE" };


            ActiveDs.IADsSecurityDescriptor sd =
                (ActiveDs.IADsSecurityDescriptor)de.Properties["ntSecurityDescriptor"].Value;
            ActiveDs.IADsAccessControlList acl = (ActiveDs.IADsAccessControlList)sd.DiscretionaryAcl;
            ActiveDs.AccessControlEntry ace = new ActiveDs.AccessControlEntry();


            double denied = (double)ActiveDs.ADS_ACETYPE_ENUM.ADS_ACETYPE_ACCESS_DENIED_OBJECT;
            double objectType = (double)ActiveDs.ADS_FLAGTYPE_ENUM.ADS_FLAG_OBJECT_TYPE_PRESENT;
            double dsControl = (double)ActiveDs.ADS_RIGHTS_ENUM.ADS_RIGHT_DS_CONTROL_ACCESS;

            foreach (string trustee in trustees)
            {
                ace.Trustee = trustee;
                ace.AceFlags = 0;
                ace.AceType = Convert.ToInt32(Math.Floor(denied));
                ace.Flags = Convert.ToInt32(Math.Floor(objectType));
                ace.ObjectType = PASSWORD_GUID;
                ace.AccessMask = Convert.ToInt32(Math.Floor(dsControl));

                acl.AddAce(ace);
            }
            sd.DiscretionaryAcl = acl;
            de.Properties["ntSecurityDescriptor"].Value = sd;

            de.CommitChanges();
        }

more...