I have a C# web app that uses mixed mode authentication (windows
integrated auth. together with formsAuthentication). I would like to
have a form that allows users to change their windows passwords
remotely. Does anyone know how I could do this? 7 3001
you mean you want us to write a code for you ?
what do you mean how it can be done
connect to the sql server (if your using one) change the password the
way you do in your asp.net application
if your having a problem
post your code with your question
but we wont write the code for you
---
Best Regards
Amir
*** Sent via Developersdex http://www.developersdex.com ***
I don't want you to write any code for me, I just want a suggestion
about how to proceed or a web resource that dicusses the subject. I'm
not using sql server to store credentials, I'm using windows integrated
authentication so I need to be able to access active directory and
change windows acoount passwords remotely using a web form. Here is
the code from my login page to give you an idea of what I'm doing:
void Login_Click(Object sender, EventArgs e)
{
String adPath = "LDAP://... /DC=...,DC=..."; //Path to my LDAP
directory server
LdapAuthentication adAuth = new LdapAuthentication(adPath);
try
{
if(true == adAuth.IsAuthenticated(domain.Text, userName.Text,
password.Text))
{
String groups = adAuth.GetGroups();
//Create the ticket, and add the groups.
bool isCookiePersistent = false; //chkPersist.Checked;
FormsAuthenticationTicket authTicket = new
FormsAuthenticationTicket(1, userName.Text,
DateTime.Now, DateTime.Now.AddMinutes(60), isCookiePersistent,
groups);
//Encrypt the ticket.
String encryptedTicket = FormsAuthentication.Encrypt(authTicket);
//Create a cookie, and then add the encrypted ticket to the
cookie as data.
HttpCookie authCookie = new
HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
if(true == isCookiePersistent)
authCookie.Expires = authTicket.Expiration;
//Add the cookie to the outgoing cookies collection.
Response.Cookies.Add(authCookie);
//You can redirect now.
Response.Redirect(FormsAuthentication.GetRedirectU rl(userName.Text,
false));
}
else
{
errorLabel.Text = "Authentication did not succeed. Check user
name and password.";
}
}
catch(Exception ex)
{
errorLabel.Text = "Error authenticating. " + ex.Message;
}
}
I think that the techniques to do this will not neccesarily have anything to
do with C# language.
Try asking over in windowsxp.security. This sounds more like that sort of
issue.
--
Bob Powell [MVP]
Visual C#, System.Drawing
Ramuseco Limited .NET consulting http://www.ramuseco.com
Find great Windows Forms articles in Windows Forms Tips and Tricks http://www.bobpowell.net/tipstricks.htm
Answer those GDI+ questions with the GDI+ FAQ http://www.bobpowell.net/faqmain.htm
All new articles provide code in C# and VB.NET.
Subscribe to the RSS feeds provided and never miss a new article.
<dl*******@gmail.com> wrote in message
news:11**********************@g43g2000cwa.googlegr oups.com... I don't want you to write any code for me, I just want a suggestion about how to proceed or a web resource that dicusses the subject. I'm not using sql server to store credentials, I'm using windows integrated authentication so I need to be able to access active directory and change windows acoount passwords remotely using a web form. Here is the code from my login page to give you an idea of what I'm doing:
void Login_Click(Object sender, EventArgs e) { String adPath = "LDAP://... /DC=...,DC=..."; //Path to my LDAP directory server LdapAuthentication adAuth = new LdapAuthentication(adPath); try { if(true == adAuth.IsAuthenticated(domain.Text, userName.Text, password.Text)) { String groups = adAuth.GetGroups();
//Create the ticket, and add the groups. bool isCookiePersistent = false; //chkPersist.Checked; FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(1, userName.Text, DateTime.Now, DateTime.Now.AddMinutes(60), isCookiePersistent, groups);
//Encrypt the ticket. String encryptedTicket = FormsAuthentication.Encrypt(authTicket);
//Create a cookie, and then add the encrypted ticket to the cookie as data. HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
if(true == isCookiePersistent) authCookie.Expires = authTicket.Expiration;
//Add the cookie to the outgoing cookies collection. Response.Cookies.Add(authCookie);
//You can redirect now.
Response.Redirect(FormsAuthentication.GetRedirectU rl(userName.Text, false)); } else { errorLabel.Text = "Authentication did not succeed. Check user name and password."; } } catch(Exception ex) { errorLabel.Text = "Error authenticating. " + ex.Message; } }
You will want to call the NetUserChangePassword API function through the
P/Invoke layer. You can most likely get the definition from http://www.pinvoke.net.
Depending on your setup, I don't know if you are going to be able to get
it to work. If you are impersonating the user on the web server side, you
^should^ this should work, assuming users can change their own passwords.
If not (or you are not impersonating the user, which you shouldn't be in
general in an ASP.NET app), you will have to impersonate a user that has the
rights to change the password. Of course, this is a VERY dangerous
operation, so be careful.
Hope this helps.
--
- Nicholas Paldino [.NET/C# MVP]
- mv*@spam.guard.caspershouse.com
<dl*******@gmail.com> wrote in message
news:11**********************@g44g2000cwa.googlegr oups.com... I have a C# web app that uses mixed mode authentication (windows integrated auth. together with formsAuthentication). I would like to have a form that allows users to change their windows passwords remotely. Does anyone know how I could do this?
Use the System.Directory namespace classes like you did, but invoke the
native method to change the password of a user like this.
UserEntry is a DirectorEntry object reference that points to the user
account entry in the AD.
object[] password = new object[] {"oldpwd", "newPwd"};
object ret = userEntry.Invoke("ChangePassword", password );
userEntry.CommitChanges();
....
Willy.
<dl*******@gmail.com> wrote in message
news:11**********************@g43g2000cwa.googlegr oups.com... I don't want you to write any code for me, I just want a suggestion about how to proceed or a web resource that dicusses the subject. I'm not using sql server to store credentials, I'm using windows integrated authentication so I need to be able to access active directory and change windows acoount passwords remotely using a web form. Here is the code from my login page to give you an idea of what I'm doing:
void Login_Click(Object sender, EventArgs e) { String adPath = "LDAP://... /DC=...,DC=..."; //Path to my LDAP directory server LdapAuthentication adAuth = new LdapAuthentication(adPath); try { if(true == adAuth.IsAuthenticated(domain.Text, userName.Text, password.Text)) { String groups = adAuth.GetGroups();
//Create the ticket, and add the groups. bool isCookiePersistent = false; //chkPersist.Checked; FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(1, userName.Text, DateTime.Now, DateTime.Now.AddMinutes(60), isCookiePersistent, groups);
//Encrypt the ticket. String encryptedTicket = FormsAuthentication.Encrypt(authTicket);
//Create a cookie, and then add the encrypted ticket to the cookie as data. HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
if(true == isCookiePersistent) authCookie.Expires = authTicket.Expiration;
//Add the cookie to the outgoing cookies collection. Response.Cookies.Add(authCookie);
//You can redirect now.
Response.Redirect(FormsAuthentication.GetRedirectU rl(userName.Text, false)); } else { errorLabel.Text = "Authentication did not succeed. Check user name and password."; } } catch(Exception ex) { errorLabel.Text = "Error authenticating. " + ex.Message; } }
Why PInvoke when there are managed options available??????
Willy.
"Nicholas Paldino [.NET/C# MVP]" <mv*@spam.guard.caspershouse.com> wrote in
message news:u2*************@TK2MSFTNGP12.phx.gbl... You will want to call the NetUserChangePassword API function through the P/Invoke layer. You can most likely get the definition from http://www.pinvoke.net.
Depending on your setup, I don't know if you are going to be able to get it to work. If you are impersonating the user on the web server side, you ^should^ this should work, assuming users can change their own passwords. If not (or you are not impersonating the user, which you shouldn't be in general in an ASP.NET app), you will have to impersonate a user that has the rights to change the password. Of course, this is a VERY dangerous operation, so be careful.
Hope this helps.
-- - Nicholas Paldino [.NET/C# MVP] - mv*@spam.guard.caspershouse.com
<dl*******@gmail.com> wrote in message news:11**********************@g44g2000cwa.googlegr oups.com...I have a C# web app that uses mixed mode authentication (windows integrated auth. together with formsAuthentication). I would like to have a form that allows users to change their windows passwords remotely. Does anyone know how I could do this?
Thanks Willy, I'll give that a try. I was pretty sure it was something
like that but I was using
userEntry.Invoke("setPassword", password );
which was not working. Thanks for the tip. This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: ecPunk |
last post by:
Hi,
We have a web application where we want a user to be able to change his/her
password if the password has expired but we are unable to do this with ASP
(at the moment) because we can't log...
|
by: Frostillicus |
last post by:
Hi,
I've written some javascript to randomly choose a classical music composer's
picture and sample audio and display it on my home page
(http://marc.fearby.com/), and this works fine in Mozilla...
|
by: Mindy Geac |
last post by:
Hello,
I'm seaching for the possibility to change Domain/User passwords. And a
check for users if the password has to change with the first logon or when
the password is expired.
thanx,
...
|
by: Alan Munter |
last post by:
I have changed the passwords on our MySQL DB server for a few users.
I went in to the ODBC data sources configuration on their machines and
changed the passwords to the new ones.
However, every...
|
by: pberna |
last post by:
Dear all,
I built a Web Form application to start and stop a Windows Service remotely.
I successful tested the application on Windows 2000 server + IIS. I must
include the ASPNET user
to the...
|
by: James |
last post by:
We have our own set of users and passwords for our application and we want to
implement strong passwords.
My question is can you access the windows password policy settings in order
to validate a...
|
by: diffuser78 |
last post by:
I am a newbie in Python and want your help in writing python script.
I have to remotely shut the windows px from linux box. I run OpenSSH on
windows PC. I remotely connect it from Linux box using...
|
by: =?Utf-8?B?TWljaGFlbCAwMw==?= |
last post by:
I need to disable the clipboard function in Windows XP. We are having a
problem with users using CTRL+C in one program, then using CTRL+V in another.
Specifically, they type their password into...
|
by: diane |
last post by:
I've got an application running with table-based security: i capture
the user's windows login with fOsusername, then have them enter a
password checked against their username/login in my own table....
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: ryjfgjl |
last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
| |