[windows2000] Re: Web enabled Domain Password Tool
- From: Aaron Dokey <adokey@xxxxxxxxxxxx>
- To: "'windows2000@xxxxxxxxxxxxx'" <windows2000@xxxxxxxxxxxxx>
- Date: Tue, 3 Sep 2002 15:28:29 -0400
Larry,
I'm trying to get my brain back on track after the holiday, man is that
rough! :)
In response to your question, I do not have IIS running as a domain admin
it's running under the default non-privileged IUSR account. A requirement
for this to work is http authentication, you must have your users
authenticating to the website via either NTLM or plain (w/ SSL preferably)
auth. Once they're authenticated the user name is pulled from the CGI
variables, and the user is prompted for their current and new passwords.
The username and current password are used to change the password. I
believe for this to work you have to have "Allow user to change password
without logging on" enabled in your domain policy. I'm running an NT4
domain here, so I am not sure what the properties are for active directory.
It looks like my attachments didn't go through to the list before, if you'd
like the scripts I can email them to you directly. It's all pretty simple,
it's under 200 lines of perl script.
-Aaron
-----------------------
Aaron Dokey - MIS
Reid Tool Supply
2265 Black Creek Rd.
Muskegon, MI 49444
(231) 777-3951
(231) 767-3772 (Direct)
-----------------------
-----Original Message-----
From: Nail, Larry [mailto:lnail@xxxxxx]
Sent: Friday, August 30, 2002 4:16 PM
To: 'windows2000@xxxxxxxxxxxxx'
Subject: [windows2000] Re: Web enabled Domain Password Tool
Aaron,
You mentioned below "for my users to change their own passwords" on IIS.
First off this is exactly what I'm looking to do, so a couple of questions:
Is this method using the "users" credentials to authticate, or are you
running IIS as a Domain Admin to process the password changes?
If so, what are you using to authenticate that they are who they say they
are?
Thanks,
Larry
-----Original Message-----
From: Aaron Dokey [mailto:adokey@xxxxxxxxxxxx]
Sent: Thursday, August 29, 2002 2:17 PM
To: 'windows2000@xxxxxxxxxxxxx'
Subject: [windows2000] Re: Web enabled Domain Password Tool
I'm just going to post it here to the list since a couple of you have
expressed interest. There are two perl scripts attached... Some notes:
-Win32WebChangePass.pm-
This is the actual app, it uses the CGI::Application module for it's
structure. I've got it as part of a larger extranet site here, so it's
ripped right out of that. You will want to modify line 25 of the file where
it reads:
my $domain = "reidtool";
Change this [reidtool] to whatever you domain's NETBIOS name is. With a
quick mod the forms could be modified so the user could type in their domain
if you need it. I have this tucked away in a directory not accessible by
web clients. Think of it as a perl library.
-index.pl-
This file is what should go into a directory accessible by your web clients.
Of course, the directory should be able to execute perl scripts. This
little script is only 4 lines of code, it basically just runs the
Win32WebChangePass module. You will need to uncomment and change the second
line of the file to match your environment. It reads:
#BEGIN{unshift @INC, "C:\\Inetpub\\lib"};
Remove the '#' and change "C:\\inetpub\\lib" to whatever path you want to
store the Win32WebChangePass module in. Please note that the
Win32WebChangePass.pm file will be located in the 'Web\Util' sub directory
from whatever you specify in this line. For instance, if you take my
original line as an example the actual physical path to
Win32WebChangePass.pm would be
'c:\inetpub\lib\web\util\Win32WebChangePass.pm'. Also, don't forget the
double back slashes.
I hope this is clear, it seems like a lot of text for something so small.
:) BTW, this is running here under the latest version of active state's
perl for win32. You'll need to install CGI::Application, which can be done
by running 'ppm' at the command prompt (if perl is in your path) and typing
'install cgi-application'. That *should* be it.
Feel free to ask questions if this is of any use to you.
-Aaron
-----------------------
Aaron Dokey - MIS
Reid Tool Supply
2265 Black Creek Rd.
Muskegon, MI 49444
(231) 777-3951
(231) 767-3772 (Direct)
-----------------------
-----Original Message-----
From: Nail, Larry [mailto:lnail@xxxxxx]
Sent: Thursday, August 29, 2002 2:26 PM
To: 'windows2000@xxxxxxxxxxxxx'
Subject: [windows2000] Re: Web enabled Domain Password Tool
Aaron,
That'd be great! I was contemplating using Perl myself, but I'm not that
good with it... Yet.
Larry
-----Original Message-----
From: Aaron Dokey [mailto:adokey@xxxxxxxxxxxx]
Sent: Thursday, August 29, 2002 9:36 AM
To: 'windows2000@xxxxxxxxxxxxx'
Subject: [windows2000] Re: Web enabled Domain Password Tool
It sounds like you're asking for something to be used by admin's or help
desk people. But, I've got some perl that I've written to use under IIS for
my users to change their own passwords. If you're interested I could send
it your way.
-Aaron
-----------------------
Aaron Dokey - MIS
Reid Tool Supply
2265 Black Creek Rd.
Muskegon, MI 49444
(231) 777-3951
(231) 767-3772 (Direct)
-----------------------
-----Original Message-----
From: Nail, Larry [mailto:lnail@xxxxxx]
Sent: Wednesday, August 28, 2002 4:50 PM
To: windows2000@xxxxxxxxxxxxx
Subject: [windows2000] Web enabled Domain Password Tool
Anyone have a web enabled password change/reset/unlock tool that you're
using?
Thanks,
Larry
______________________________________
Lawrence D. Nail
Member, Group Technical Staff
Microsoft Certified Systems Engineer for Windows(r) 2000
Strategy Team
Helpdesk and Desktop Services http://www.dal.design.ti.com/nail/
<http://www.dal.design.ti.com/nail/>
Texas Instruments Incorporated
==================================
To Unsubscribe, set digest or vacation
mode or view archives use the below link.
http://thethin.net/win2000list.cfm
==================================
To Unsubscribe, set digest or vacation
mode or view archives use the below link.
http://thethin.net/win2000list.cfm
==================================
To Unsubscribe, set digest or vacation
mode or view archives use the below link.
http://thethin.net/win2000list.cfm
-- Binary/unsupported file stripped by Ecartis --
-- Type: application/octet-stream
-- File: index.pl
-- Binary/unsupported file stripped by Ecartis --
-- Type: application/octet-stream
-- File: Win32WebChangePass.pm
==================================
To Unsubscribe, set digest or vacation
mode or view archives use the below link.
http://thethin.net/win2000list.cfm
==================================
To Unsubscribe, set digest or vacation
mode or view archives use the below link.
http://thethin.net/win2000list.cfm
==================================
To Unsubscribe, set digest or vacation
mode or view archives use the below link.
http://thethin.net/win2000list.cfm
Other related posts:
