I have a C# web app that uses mixed mode authentication (windows
integrated auth. together with formsAuthentica tion). I would like to
have a form that allows users to change their windows passwords
remotely. Does anyone know how I could do this? 7 3030
you mean you want us to write a code for you ?
what do you mean how it can be done
connect to the sql server (if your using one) change the password the
way you do in your asp.net application
if your having a problem
post your code with your question
but we wont write the code for you
---
Best Regards
Amir
*** Sent via Developersdex http://www.developersdex.com ***
I don't want you to write any code for me, I just want a suggestion
about how to proceed or a web resource that dicusses the subject. I'm
not using sql server to store credentials, I'm using windows integrated
authentication so I need to be able to access active directory and
change windows acoount passwords remotely using a web form. Here is
the code from my login page to give you an idea of what I'm doing:
void Login_Click(Obj ect sender, EventArgs e)
{
String adPath = "LDAP://... /DC=...,DC=..."; //Path to my LDAP
directory server
LdapAuthenticat ion adAuth = new LdapAuthenticat ion(adPath);
try
{
if(true == adAuth.IsAuthen ticated(domain. Text, userName.Text,
password.Text))
{
String groups = adAuth.GetGroup s();
//Create the ticket, and add the groups.
bool isCookiePersist ent = false; //chkPersist.Chec ked;
FormsAuthentica tionTicket authTicket = new
FormsAuthentica tionTicket(1, userName.Text,
DateTime.Now, DateTime.Now.Ad dMinutes(60), isCookiePersist ent,
groups);
//Encrypt the ticket.
String encryptedTicket = FormsAuthentica tion.Encrypt(au thTicket);
//Create a cookie, and then add the encrypted ticket to the
cookie as data.
HttpCookie authCookie = new
HttpCookie(Form sAuthentication .FormsCookieNam e, encryptedTicket );
if(true == isCookiePersist ent)
authCookie.Expi res = authTicket.Expi ration;
//Add the cookie to the outgoing cookies collection.
Response.Cookie s.Add(authCooki e);
//You can redirect now.
Response.Redire ct(FormsAuthent ication.GetRedi rectUrl(userNam e.Text,
false));
}
else
{
errorLabel.Text = "Authentica tion did not succeed. Check user
name and password.";
}
}
catch(Exception ex)
{
errorLabel.Text = "Error authenticating. " + ex.Message;
}
}
I think that the techniques to do this will not neccesarily have anything to
do with C# language.
Try asking over in windowsxp.secur ity. This sounds more like that sort of
issue.
--
Bob Powell [MVP]
Visual C#, System.Drawing
Ramuseco Limited .NET consulting http://www.ramuseco.com
Find great Windows Forms articles in Windows Forms Tips and Tricks http://www.bobpowell.net/tipstricks.htm
Answer those GDI+ questions with the GDI+ FAQ http://www.bobpowell.net/faqmain.htm
All new articles provide code in C# and VB.NET.
Subscribe to the RSS feeds provided and never miss a new article.
<dl*******@gmai l.com> wrote in message
news:11******** **************@ g43g2000cwa.goo glegroups.com.. . I don't want you to write any code for me, I just want a suggestion about how to proceed or a web resource that dicusses the subject. I'm not using sql server to store credentials, I'm using windows integrated authentication so I need to be able to access active directory and change windows acoount passwords remotely using a web form. Here is the code from my login page to give you an idea of what I'm doing:
void Login_Click(Obj ect sender, EventArgs e) { String adPath = "LDAP://... /DC=...,DC=..."; //Path to my LDAP directory server LdapAuthenticat ion adAuth = new LdapAuthenticat ion(adPath); try { if(true == adAuth.IsAuthen ticated(domain. Text, userName.Text, password.Text)) { String groups = adAuth.GetGroup s();
//Create the ticket, and add the groups. bool isCookiePersist ent = false; //chkPersist.Chec ked; FormsAuthentica tionTicket authTicket = new FormsAuthentica tionTicket(1, userName.Text, DateTime.Now, DateTime.Now.Ad dMinutes(60), isCookiePersist ent, groups);
//Encrypt the ticket. String encryptedTicket = FormsAuthentica tion.Encrypt(au thTicket);
//Create a cookie, and then add the encrypted ticket to the cookie as data. HttpCookie authCookie = new HttpCookie(Form sAuthentication .FormsCookieNam e, encryptedTicket );
if(true == isCookiePersist ent) authCookie.Expi res = authTicket.Expi ration;
//Add the cookie to the outgoing cookies collection. Response.Cookie s.Add(authCooki e);
//You can redirect now.
Response.Redire ct(FormsAuthent ication.GetRedi rectUrl(userNam e.Text, false)); } else { errorLabel.Text = "Authentica tion did not succeed. Check user name and password."; } } catch(Exception ex) { errorLabel.Text = "Error authenticating. " + ex.Message; } }
You will want to call the NetUserChangePa ssword API function through the
P/Invoke layer. You can most likely get the definition from http://www.pinvoke.net.
Depending on your setup, I don't know if you are going to be able to get
it to work. If you are impersonating the user on the web server side, you
^should^ this should work, assuming users can change their own passwords.
If not (or you are not impersonating the user, which you shouldn't be in
general in an ASP.NET app), you will have to impersonate a user that has the
rights to change the password. Of course, this is a VERY dangerous
operation, so be careful.
Hope this helps.
--
- Nicholas Paldino [.NET/C# MVP]
- mv*@spam.guard. caspershouse.co m
<dl*******@gmai l.com> wrote in message
news:11******** **************@ g44g2000cwa.goo glegroups.com.. . I have a C# web app that uses mixed mode authentication (windows integrated auth. together with formsAuthentica tion). I would like to have a form that allows users to change their windows passwords remotely. Does anyone know how I could do this?
Use the System.Director y namespace classes like you did, but invoke the
native method to change the password of a user like this.
UserEntry is a DirectorEntry object reference that points to the user
account entry in the AD.
object[] password = new object[] {"oldpwd", "newPwd"};
object ret = userEntry.Invok e("ChangePasswo rd", password );
userEntry.Commi tChanges();
....
Willy.
<dl*******@gmai l.com> wrote in message
news:11******** **************@ g43g2000cwa.goo glegroups.com.. . I don't want you to write any code for me, I just want a suggestion about how to proceed or a web resource that dicusses the subject. I'm not using sql server to store credentials, I'm using windows integrated authentication so I need to be able to access active directory and change windows acoount passwords remotely using a web form. Here is the code from my login page to give you an idea of what I'm doing:
void Login_Click(Obj ect sender, EventArgs e) { String adPath = "LDAP://... /DC=...,DC=..."; //Path to my LDAP directory server LdapAuthenticat ion adAuth = new LdapAuthenticat ion(adPath); try { if(true == adAuth.IsAuthen ticated(domain. Text, userName.Text, password.Text)) { String groups = adAuth.GetGroup s();
//Create the ticket, and add the groups. bool isCookiePersist ent = false; //chkPersist.Chec ked; FormsAuthentica tionTicket authTicket = new FormsAuthentica tionTicket(1, userName.Text, DateTime.Now, DateTime.Now.Ad dMinutes(60), isCookiePersist ent, groups);
//Encrypt the ticket. String encryptedTicket = FormsAuthentica tion.Encrypt(au thTicket);
//Create a cookie, and then add the encrypted ticket to the cookie as data. HttpCookie authCookie = new HttpCookie(Form sAuthentication .FormsCookieNam e, encryptedTicket );
if(true == isCookiePersist ent) authCookie.Expi res = authTicket.Expi ration;
//Add the cookie to the outgoing cookies collection. Response.Cookie s.Add(authCooki e);
//You can redirect now.
Response.Redire ct(FormsAuthent ication.GetRedi rectUrl(userNam e.Text, false)); } else { errorLabel.Text = "Authentica tion did not succeed. Check user name and password."; } } catch(Exception ex) { errorLabel.Text = "Error authenticating. " + ex.Message; } }
Why PInvoke when there are managed options available??????
Willy.
"Nicholas Paldino [.NET/C# MVP]" <mv*@spam.guard .caspershouse.c om> wrote in
message news:u2******** *****@TK2MSFTNG P12.phx.gbl... You will want to call the NetUserChangePa ssword API function through the P/Invoke layer. You can most likely get the definition from http://www.pinvoke.net.
Depending on your setup, I don't know if you are going to be able to get it to work. If you are impersonating the user on the web server side, you ^should^ this should work, assuming users can change their own passwords. If not (or you are not impersonating the user, which you shouldn't be in general in an ASP.NET app), you will have to impersonate a user that has the rights to change the password. Of course, this is a VERY dangerous operation, so be careful.
Hope this helps.
-- - Nicholas Paldino [.NET/C# MVP] - mv*@spam.guard. caspershouse.co m
<dl*******@gmai l.com> wrote in message news:11******** **************@ g44g2000cwa.goo glegroups.com.. .I have a C# web app that uses mixed mode authentication (windows integrated auth. together with formsAuthentica tion). I would like to have a form that allows users to change their windows passwords remotely. Does anyone know how I could do this?
Thanks Willy, I'll give that a try. I was pretty sure it was something
like that but I was using
userEntry.Invok e("setPassword" , password );
which was not working. Thanks for the tip. This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: ecPunk |
last post by:
Hi,
We have a web application where we want a user to be able to change his/her
password if the password has expired but we are unable to do this with ASP
(at the moment) because we can't log the user into the database without a
valid password. We do not want to store any "admin" user info to connect to
the database to change the users password for security issues. Does anyone
have any ideas of how we could go about doing this? Any...
|
by: Frostillicus |
last post by:
Hi,
I've written some javascript to randomly choose a classical music composer's
picture and sample audio and display it on my home page
(http://marc.fearby.com/), and this works fine in Mozilla but has problems
in IE. Here's the code:
imagestring = "<img src=\"" + imagedir + composers + "\" />";
objimage.innerHTML = imagestring;
|
by: Mindy Geac |
last post by:
Hello,
I'm seaching for the possibility to change Domain/User passwords. And a
check for users if the password has to change with the first logon or when
the password is expired.
thanx,
Mindy
|
by: Alan Munter |
last post by:
I have changed the passwords on our MySQL DB server for a few users.
I went in to the ODBC data sources configuration on their machines and
changed the passwords to the new ones.
However, every time they open the database that contains the linked
tables which use that ODBC data source, instead of using the password
configured in the data source it uses the old password which is saved
in the Access database somewhere. They have to retype...
|
by: pberna |
last post by:
Dear all,
I built a Web Form application to start and stop a Windows Service remotely.
I successful tested the application on Windows 2000 server + IIS. I must
include the ASPNET user
to the Administration group (on server side) to have the necessary
authorization to start a Windows Service (I don't understand why "Power
User" rights are not enough to do the same thing)
Although I'm able to start a service using windows 2000 server...
| |
by: James |
last post by:
We have our own set of users and passwords for our application and we want to
implement strong passwords.
My question is can you access the windows password policy settings in order
to validate a password the user has typed in?
Even if you cant use the password history for your own passwords, it would
still be useful to use the other settings like minimum length etc...
We could store our own format for the password maybe as a regular...
|
by: diffuser78 |
last post by:
I am a newbie in Python and want your help in writing python script.
I have to remotely shut the windows px from linux box. I run OpenSSH on
windows PC. I remotely connect it from Linux box using
.....
ssh Admin@IP_ADDR # connects me fine now without problems
(LOCAL)
Next, I wrote a script that would log me in and also shut the windows
|
by: =?Utf-8?B?TWljaGFlbCAwMw==?= |
last post by:
I need to disable the clipboard function in Windows XP. We are having a
problem with users using CTRL+C in one program, then using CTRL+V in another.
Specifically, they type their password into notepad, copy it to the
clipboard, then paste it in another program. The other program runs on
Windows XP. Obviously, the correct answer is to have the creators of the
other program to disable pasting in a password field, but they are reluctant...
|
by: diane |
last post by:
I've got an application running with table-based security: i capture
the user's windows login with fOsusername, then have them enter a
password checked against their username/login in my own table. The
problem is, they can't remember the passwords they've created, and I
spend more time than I want to resetting.
Here's what I'd LIKE to have happen: when the user opens the
application (Access2k), a dialog box appears with the windows...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
| |
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |