By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
435,396 Members | 2,501 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 435,396 IT Pros & Developers. It's quick & easy.

Windows Authentication - How to allow users to change passwords andother account services?

P: n/a
Mel
We have a private website, we call it a portal, where people can login
and get quotes and such. When you go to the portal URL (https://
example.url.com) a small dialog appears (I believe this is windows
authentication) when they enter their username and password and click
OK which logs them in and they arrive at the home page of our portal.
These portal users are granted access to the system by adding them as
a new user Active Directory and adding them to a group that has
certain rights on the web server. One problem with this setup is our
users do not have the ability to change their password to something
else they prefer. Is there a better way to design our website to
accommodate this and still keep our network secure?
Sep 4 '08 #1
Share this Question
Share on Google+
2 Replies


P: n/a
On 4 Sep, 20:03, Mel <MLights...@gmail.comwrote:
We have a private website, we call it a portal, where people can login
and get quotes and such. When you go to the portal URL (https://
example.url.com) a small dialog appears (I believe this is windows
authentication) when they enter their username and password and click
OK which logs them in and they arrive at the home page of our portal.
These portal users are granted access to the system by adding them as
a new user Active Directory and adding them to a group that has
certain rights on the web server. One problem with this setup is our
users do not have the ability to change their password to something
else they prefer. Is there a better way to design our website to
accommodate this and still keep our network secure?
Hi Mel

If you are using System.DirectoryServices to access AD then use the
Invoke() method of a DirectoryEntry object to run SetPassword.exe to
change a user password.

You don't say which version of ASP.NET you are working with but if
it's version 2 or above then you might consider using Forms
authentication with Membership and Roles to control access to the
site.

HTH
Sep 4 '08 #2

P: n/a
Mel
On Sep 4, 5:19 pm, Stan <googles...@philhall.netwrote:
On 4 Sep, 20:03, Mel <MLights...@gmail.comwrote:
We have a private website, we call it a portal, where people can login
and get quotes and such. When you go to the portal URL (https://
example.url.com) a small dialog appears (I believe this is windows
authentication) when they enter their username and password and click
OK which logs them in and they arrive at the home page of our portal.
These portal users are granted access to the system by adding them as
a new user Active Directory and adding them to a group that has
certain rights on the web server. One problem with this setup is our
users do not have the ability to change their password to something
else they prefer. Is there a better way to design our website to
accommodate this and still keep our network secure?

Hi Mel

If you are using System.DirectoryServices to access AD then use the
Invoke() method of a DirectoryEntry object to run SetPassword.exe to
change a user password.

You don't say which version of ASP.NET you are working with but if
it's version 2 or above then you might consider using Forms
authentication with Membership and Roles to control access to the
site.

HTH
Yes, I am using asp.net 2.0, visual studio 2005 Pro, vb.net. In your
opinion, do you think using Forms authentication would be a better way
to go? Would that give me more capabilities and more features?
Sep 8 '08 #3

This discussion thread is closed

Replies have been disabled for this discussion.