|
Posted by markm75 on February 17, 2007, 12:47 pm
If you were Registered and logged in, you could reply and use other advanced thread options
Is there a way short of using Outlook (rpc over http) or VPN to change
a users password via the internet?
IE: Perhaps a 3rd party web app which would allow this etc.
Thanks for any tips
|
|
Posted by Kerry Brown on February 17, 2007, 1:35 pm
If you were Registered and logged in, you could reply and use other advanced thread options
That would be a bit of a security flaw don't you think? You have to be
authenticated somehow. There are several ways to do this, VPN, RDP, RWW, and
probably more. The key is you need to be authenticated to so it.
--
Kerry Brown
Microsoft MVP - Shell/User
http://www.vistahelp.ca
> Is there a way short of using Outlook (rpc over http) or VPN to change
> a users password via the internet?
>
> IE: Perhaps a 3rd party web app which would allow this etc.
>
> Thanks for any tips
>
|
|
Posted by Unsettled on February 17, 2007, 4:09 pm
If you were Registered and logged in, you could reply and use other advanced thread options
work. Here's one way:
1) send email with command in the subject to blah@blah.com
2) use procmail to write to file the command
3) retrieve it via whatever (FTP, SCP, etc) to the local windows machine
4) execute it
Cron the retrieval of the command from the mail server.
markm75 wrote:
> Is there a way short of using Outlook (rpc over http) or VPN to change
> a users password via the internet?
>
> IE: Perhaps a 3rd party web app which would allow this etc.
>
> Thanks for any tips
>
|
|
Posted by =?Utf-8?B?SWFu?= on February 18, 2007, 11:02 am
If you were Registered and logged in, you could reply and use other advanced thread options
to change their passwords, but as you say there are security concerns that
need to be carefully checked-out. Since the intention is to use an encrypted
socket-link it could in principle work over the Internet, though that's not
its original purpose.
The existing options are basically to use SSH or VPN, and the computer must
be a full domainmember if you want to change the AD password.
|
|
Posted by on February 19, 2007, 6:38 am
If you were Registered and logged in, you could reply and use other advanced thread options > Is there a way short of using Outlook (rpc over http) or VPN to change
> a users password via the internet?
You could create a web page to allow users to change passwords. Set it
up so that users connect via SSL, authenticate to the Active Directory
domain, and are presented with a web page that allows them to manage
their password (and maybe some other user attributes). Build the web
page with Asp.net 2.0 and have it process the changes on the domain.
This is possible (I've done it in Intranet situations with Asp.net
1.1).
The security concern is that the computer hosting the site could be
compromised. It makes an attractive target, right? After all, cracking
it could allow an attacker full access to user information. Having
this computer available on the Internet (even over a DMZ) is not a
good idea.
What is the reasoning for not using a VPN?
J Wolfgang Goerlich
Related Links:
Focus Changing Passwords over the Web ADSI helps you give users an
easy-to-use Web interface for changing their passwords
http://msdn2.microsoft.com/en-us/library/ms954412.aspx
How to use the System.DirectoryServices namespace in ASP.NET
http://support.microsoft.com/default.aspx?scid=kb;en-us;329986
Managing User Passwords
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/sds/sds/managing_user_passwords.asp
|
| Similar Threads | Posted | | Password policy change on domain | September 28, 2006, 9:25 am |
| Password policy in domain 2003 | April 28, 2008, 7:21 am |
| Unable to reset 2003 domain password policy. | October 17, 2006, 8:21 am |
| Outlook 2003 + Can't Publish to GAL | July 4, 2006, 7:27 am |
| Password Policy forces to change password - but too late... | June 27, 2007, 6:32 am |
| Internet Security Program and Outlook 2000 | June 7, 2006, 10:09 pm |
| RE: How to flag emails as spam all at once in Outlook 2003? | December 4, 2005, 9:36 pm |
| RE: How to flag emails as spam all at once in Outlook 2003? | December 4, 2005, 9:37 pm |
| Re: How to flag emails as spam all at once in Outlook 2003? | December 5, 2005, 12:36 am |
| Cannot access Smarcard through outlook 2003/2007 | October 26, 2007, 8:58 am |
|
XML site map