WebApp Sec mailing list archives
RE: Web based utility for securely changing AD password
From: "net shark" <netshark () sexmagnet com>
Date: Wed, 23 Nov 2005 09:28:20 -0000
AFAIK, the correct (M$ way) to do it, is through the AD services interface (ADSI). I saw a simple example in the technet, sometime ago. When making the correct calls to the ADSI, you can efectivelly change the user's password, as long as the script is executed in the Enterprise/domain admin security context. However AFAIK,you cannot read the password (not even it's hash). ADSI has specific procedures for user authentication in AD. Alex
-----Original Message----- From: Saqib Ali [mailto:docbook.xml () gmail com] Sent: 22 November 2005 18:32 To: webappsec () securityfocus com Subject: Fwd: Web based utility for securely changing AD password Hello All, This may be a little bit off-topic... ;-) Is anyone aware of a good web based utility that will allow users from several domains to change their Active Directory password securely? I tried IISADMPWD from http://support.microsoft.com/?id=555071 , but it is very flaky and does not work most of the time. -- In Peace, Saqib Ali http://www.xml-dev.com/blog/ Consensus is good, but informed dictatorship is better. -- In Peace, Saqib Ali http://www.xml-dev.com/blog/ Consensus is good, but informed dictatorship is better.
Current thread:
- Fwd: Web based utility for securely changing AD password Saqib Ali (Nov 22)
- RE: Web based utility for securely changing AD password Gary Everekyan (Nov 23)
- RE: Web based utility for securely changing AD password net shark (Nov 23)
- <Possible follow-ups>
- RE: Web based utility for securely changing AD password Bates, Chris (Nov 25)
- Re: Web based utility for securely changing AD password Saqib Ali (Nov 25)