I am looking for a self-service, web-based password reset for Active Directory.

Can somebody please advise me whether this can be done, or whether there is an example project?
Thanks in advance.
Updated 17-Aug-12 10:47am
Comments
[no name] 22-Feb-12 19:38pm    
What part of this do you need help with? Changing the password or validating the RSA?

You can use the code below to fetch the logged-in user ID from AD:

C#
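// Requires: using System; using System.DirectoryServices; using System.Security.Principal;
// StripDomainFromUserName, StripDomain and StripLoggedUserName are the poster's own helpers (not shown).
// In ASP.NET, GetCurrent() returns the worker-process identity unless impersonation is enabled.
WindowsIdentity ident = WindowsIdentity.GetCurrent();
WindowsPrincipal user = new WindowsPrincipal(ident);
string username = StripDomainFromUserName(user.Identity.Name);

using (DirectoryEntry de = new DirectoryEntry("LDAP://" + StripDomain(user.Identity.Name)))
{
    using (DirectorySearcher adSearch = new DirectorySearcher(de))
    {
        // sAMAccountName is the AD attribute that holds the logon name
        adSearch.Filter = "(sAMAccountName=" + username + ")";
        SearchResult adSearchResult = adSearch.FindOne();
        if (adSearchResult == null)
            throw new InvalidOperationException("User not found in AD: " + username);

        UserID = username;
        UserName = StripLoggedUserName(adSearchResult.Path);
    }
}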
 
 
As the next step, you can use the code below to reset the AD password:

C#
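// Requires: using System; using System.DirectoryServices;
//           using System.Runtime.InteropServices; using System.Security.Principal;
// _user is the DirectoryEntry of the target account (set in the constructor, not shown).

const int UF_DONT_EXPIRE_PASSWD = 0x10000; // userAccountControl bit: password never expires

[DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
static extern bool LogonUser(string user, string domain, string password,
                             int logonType, int logonProvider, out IntPtr token);

[DllImport("kernel32.dll", SetLastError = true)]
static extern bool CloseHandle(IntPtr handle);

public string ResetPassword(bool reset)
{
        // Placeholder: a password derived from the account name can be guessed by
        // anyone who knows the name. Use a random temporary value in real use.
        string sPwd = _user.Properties["sAMAccountName"][0].ToString() + ".tmp"; //static password here

        int flags;

        if(reset)
        {
                //first have to remove "Password Never Expires Flag"
                flags = (int)_user.Properties["userAccountControl"].Value;
                if(Convert.ToBoolean(flags & UF_DONT_EXPIRE_PASSWD))
                {
                        flags = (flags ^ UF_DONT_EXPIRE_PASSWD);
                        _user.Properties["userAccountControl"].Value = flags;
                }

                //pwdLastSet = 0 forces a password change at next logon
                if(_user.Properties.Contains("pwdLastSet"))
                        _user.Properties["pwdLastSet"].Value = 0;
                else
                        _user.Properties["pwdLastSet"].Add(0);
        }
        else
        {
                //clear the change password at next login if it is there
                if(_user.Properties.Contains("pwdLastSet"))
                        _user.Properties["pwdLastSet"].Value = -1;
                else
                        _user.Properties["pwdLastSet"].Add(-1);

                //set the password never expires flag.
                flags = (int)_user.Properties["userAccountControl"].Value;
                if(!Convert.ToBoolean(flags & UF_DONT_EXPIRE_PASSWD))
                {
                        flags = (flags | UF_DONT_EXPIRE_PASSWD);
                        _user.Properties["userAccountControl"].Value = flags;
                }
        }

        //Change thread context to Admin's **IMPERSONATION CODE STARTS HERE**
        IntPtr token = IntPtr.Zero;
        string username = ""; //same as in your _user constructor
        string domain = ""; //same as in your _user constructor

        //3 = LOGON32_LOGON_NETWORK, 0 = LOGON32_PROVIDER_DEFAULT
        bool result = LogonUser(username, domain, Config.Settings.AdminPassword, 3, 0, out token);

        if(!result)
        {
                //read the Win32 error through the marshaller (needs SetLastError = true on the import)
                int errCode = Marshal.GetLastWin32Error();
                string errMessage = String.Empty;
                switch(errCode)
                {
                        case 5:
                                errMessage = "Access Denied";
                                break;
                        case 1326:
                                errMessage = "Logon failure: unknown user name or bad password.";
                                break;
                }
                throw new Exception(String.Format("GetLastError() returned {0}, \"{1}\"", errCode, errMessage));
        }

        try
        {
                WindowsIdentity wi = new WindowsIdentity(token);
                WindowsImpersonationContext wic = wi.Impersonate();
                try
                {
                        _user.Invoke("SetPassword", new object[]{sPwd.ToLower()});
                        _user.CommitChanges();
                }
                finally
                {
                        wic.Undo(); //end impersonation even if SetPassword throws **END IMPERSONATION**
                }
        }
        finally
        {
                CloseHandle(token); //always release the logon token
        }

        return sPwd.ToLower();
}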
 
 
You can try this PowerShell command:

$ouser.psbase.invoke("SetPassword",$pwd)
$ouser.psbase.CommitChanges()
The Set-AdUserPwd.ps1 script is seen here.
Set-AdUserPwd.ps1
Function Set-AdUserPwd
{
    Param(
        [string]$user,
        [string]$pwd
    ) #end param
    $oUser = [adsi]"LDAP://$user"
    $ouser.psbase.invoke("SetPassword",$pwd)
    $ouser.psbase.CommitChanges()
} # end function Set-AdUserPwd
Set-AdUserPwd -user "cn=bob,ou=HSG_TestOU,dc=nwtraders,dc=com" -pwd P@ssword1

Otherwise, you can try this self-service password reset tool (http://www.lepide.com/active-directory-self-service/), which provides a facility for users to reset their own Active Directory password and sends email notifications to users when their AD passwords have expired.
 
 

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


