Security Basics mailing list archives
RE: Automatic Password Reset
From: "Mohamed Farid" <mfarid () mscc com eg>
Date: Tue, 5 Jun 2007 13:43:12 +0300
Dear Saqib : Where exactly should I add this code ? Please help me more because I don't have the experience for editing web-pages ... Thanks ,,, Mohamed Farid ,, -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Ali, Saqib Sent: Monday, June 04, 2007 8:55 PM To: Mohamed Farid Cc: security-basics () securityfocus com Subject: Re: Automatic Password Reset This can be easily done using a small ADSI script running on the same server as your Web Interface Server (NFuse). Here is the ASPX code that will do the trick: --------------------------------------------- user = New DirectoryEntry("LDAP://" & userDomain & "/" & userDN) user.Invoke("SetPassword", newPassword) user.Properties("pwdLastSet").Value() = -1 user.CommitChanges() ------------------------------------- Of course you will have write some code for the challenge questions and lookup the user in the AD using LDAP calls. saqib http://www.full-disk-encryption.net On 6/4/07, Mohamed Farid <mfarid () mscc com eg> wrote:
Dear All : I have Citrix 4.0 implemented at my company and a lot of users are logging to it using the web interface technique... I need a way to make the users automatically reset their passwords if they forget it by going through some pre-configured questions and answers .. I need some application names which is doing that ... I saw sort of them in the past but I failed to find them ... Mohamed Farid ,, * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
This e-mail (including attachments) is classified as Mediterranean
Smart Cards Company confidential and proprietary information
The recipient hereby is committed to hold in strict confidence the
contents of this (e-mail, document, and information) and not to disclose to any third party without the prior written consent of Mediterranean Smart Cards Company.
Recipient will be held liable for any unauthorized disclosure. It is intended solely for the addressee. Unless you are the addressee,
you may not read, copy, use or store this e-mail in any way, or permit others to.
If you have received it in error, please notify the sender by return
e-mail and delete the message in its entirety, including any attachments
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
-- Saqib Ali, CISSP, ISSAP http://www.full-disk-encryption.net
Current thread:
- Automatic Password Reset Mohamed Farid (Jun 04)
- Re: Automatic Password Reset Ali, Saqib (Jun 04)
- RE: Automatic Password Reset Mohamed Farid (Jun 05)
- Re: Automatic Password Reset Ali, Saqib (Jun 05)
- RE: Automatic Password Reset Mohamed Farid (Jun 05)
- Re: Automatic Password Reset Ali, Saqib (Jun 04)