I'm writing a web based tool for some of our front line support people for supporting our web portal. I've been writing everything in PHP and have run into a snag with dealing with AD accounts (the user account back end of the portal sits on Win2k AD). I can query LDAP and check values (and even modify most of the text fields), but I haven't been able to modify/reset passwords, nor disable/enable accts or unlock them. After a few days research on the net, I've come to realize that it seems to have something to do with SSL communication between PHP and AD. But that's all besides the point. A really easy way for me to get around this is to execute shell commands within my script to do what I need. Before anyone tells me that it's a bad idea to execute shell commands from a web form, I'll just say that this is not on a publicly addressable web server, and the analysts already have access to a trimmed down version of dsa.msc running via citrix session. I'm just trying to simplify their whole support process. I've seen examples of using NET USER to reset passwords, but I haven't seen anything having to do with enabling or disabling accounts, or unlocking locked ones. Any ideas? thanks, -brian ******************************************************** This Weeks Sponsor StressedPuppy.com Games Feeling stressed out? Check out our games to relieve your stress. http://www.StressedPuppy.com ******************************************************** To Unsubscribe, set digest or vacation mode or view archives use the below link. http://thethin.net/win2000list.cfm