Larry, I'm trying to get my brain back on track after the holiday, man is that rough! :) In response to your question, I do not have IIS running as a domain admin it's running under the default non-privileged IUSR account. A requirement for this to work is http authentication, you must have your users authenticating to the website via either NTLM or plain (w/ SSL preferably) auth. Once they're authenticated the user name is pulled from the CGI variables, and the user is prompted for their current and new passwords. The username and current password are used to change the password. I believe for this to work you have to have "Allow user to change password without logging on" enabled in your domain policy. I'm running an NT4 domain here, so I am not sure what the properties are for active directory. It looks like my attachments didn't go through to the list before, if you'd like the scripts I can email them to you directly. It's all pretty simple, it's under 200 lines of perl script. -Aaron ----------------------- Aaron Dokey - MIS Reid Tool Supply 2265 Black Creek Rd. Muskegon, MI 49444 (231) 777-3951 (231) 767-3772 (Direct) ----------------------- -----Original Message----- From: Nail, Larry [mailto:lnail@xxxxxx] Sent: Friday, August 30, 2002 4:16 PM To: 'windows2000@xxxxxxxxxxxxx' Subject: [windows2000] Re: Web enabled Domain Password Tool Aaron, You mentioned below "for my users to change their own passwords" on IIS. First off this is exactly what I'm looking to do, so a couple of questions: Is this method using the "users" credentials to authticate, or are you running IIS as a Domain Admin to process the password changes? If so, what are you using to authenticate that they are who they say they are? Thanks, Larry -----Original Message----- From: Aaron Dokey [mailto:adokey@xxxxxxxxxxxx] Sent: Thursday, August 29, 2002 2:17 PM To: 'windows2000@xxxxxxxxxxxxx' Subject: [windows2000] Re: Web enabled Domain Password Tool I'm just going to post it here to the list since a couple of you have expressed interest. There are two perl scripts attached... Some notes: -Win32WebChangePass.pm- This is the actual app, it uses the CGI::Application module for it's structure. I've got it as part of a larger extranet site here, so it's ripped right out of that. You will want to modify line 25 of the file where it reads: my $domain = "reidtool"; Change this [reidtool] to whatever you domain's NETBIOS name is. With a quick mod the forms could be modified so the user could type in their domain if you need it. I have this tucked away in a directory not accessible by web clients. Think of it as a perl library. -index.pl- This file is what should go into a directory accessible by your web clients. Of course, the directory should be able to execute perl scripts. This little script is only 4 lines of code, it basically just runs the Win32WebChangePass module. You will need to uncomment and change the second line of the file to match your environment. It reads: #BEGIN{unshift @INC, "C:\\Inetpub\\lib"}; Remove the '#' and change "C:\\inetpub\\lib" to whatever path you want to store the Win32WebChangePass module in. Please note that the Win32WebChangePass.pm file will be located in the 'Web\Util' sub directory from whatever you specify in this line. For instance, if you take my original line as an example the actual physical path to Win32WebChangePass.pm would be 'c:\inetpub\lib\web\util\Win32WebChangePass.pm'. Also, don't forget the double back slashes. I hope this is clear, it seems like a lot of text for something so small. :) BTW, this is running here under the latest version of active state's perl for win32. You'll need to install CGI::Application, which can be done by running 'ppm' at the command prompt (if perl is in your path) and typing 'install cgi-application'. That *should* be it. Feel free to ask questions if this is of any use to you. -Aaron ----------------------- Aaron Dokey - MIS Reid Tool Supply 2265 Black Creek Rd. Muskegon, MI 49444 (231) 777-3951 (231) 767-3772 (Direct) ----------------------- -----Original Message----- From: Nail, Larry [mailto:lnail@xxxxxx] Sent: Thursday, August 29, 2002 2:26 PM To: 'windows2000@xxxxxxxxxxxxx' Subject: [windows2000] Re: Web enabled Domain Password Tool Aaron, That'd be great! I was contemplating using Perl myself, but I'm not that good with it... Yet. Larry -----Original Message----- From: Aaron Dokey [mailto:adokey@xxxxxxxxxxxx] Sent: Thursday, August 29, 2002 9:36 AM To: 'windows2000@xxxxxxxxxxxxx' Subject: [windows2000] Re: Web enabled Domain Password Tool It sounds like you're asking for something to be used by admin's or help desk people. But, I've got some perl that I've written to use under IIS for my users to change their own passwords. If you're interested I could send it your way. -Aaron ----------------------- Aaron Dokey - MIS Reid Tool Supply 2265 Black Creek Rd. Muskegon, MI 49444 (231) 777-3951 (231) 767-3772 (Direct) ----------------------- -----Original Message----- From: Nail, Larry [mailto:lnail@xxxxxx] Sent: Wednesday, August 28, 2002 4:50 PM To: windows2000@xxxxxxxxxxxxx Subject: [windows2000] Web enabled Domain Password Tool Anyone have a web enabled password change/reset/unlock tool that you're using? Thanks, Larry ______________________________________ Lawrence D. Nail Member, Group Technical Staff Microsoft Certified Systems Engineer for Windows(r) 2000 Strategy Team Helpdesk and Desktop Services http://www.dal.design.ti.com/nail/ <http://www.dal.design.ti.com/nail/> Texas Instruments Incorporated ================================== To Unsubscribe, set digest or vacation mode or view archives use the below link. http://thethin.net/win2000list.cfm ================================== To Unsubscribe, set digest or vacation mode or view archives use the below link. http://thethin.net/win2000list.cfm ================================== To Unsubscribe, set digest or vacation mode or view archives use the below link. http://thethin.net/win2000list.cfm -- Binary/unsupported file stripped by Ecartis -- -- Type: application/octet-stream -- File: index.pl -- Binary/unsupported file stripped by Ecartis -- -- Type: application/octet-stream -- File: Win32WebChangePass.pm ================================== To Unsubscribe, set digest or vacation mode or view archives use the below link. http://thethin.net/win2000list.cfm ================================== To Unsubscribe, set digest or vacation mode or view archives use the below link. http://thethin.net/win2000list.cfm ================================== To Unsubscribe, set digest or vacation mode or view archives use the below link. http://thethin.net/win2000list.cfm