jwgoerlich
Mon Feb 19 05:38:41 CST 2007
> Is there a way short of using Outlook (rpc over http) or VPN to change
> a users password via the internet?
You could create a web page to allow users to change passwords. Set it
up so that users connect via SSL, authenticate to the Active Directory
domain, and are presented with a web page that allows them to manage
their password (and maybe some other user attributes). Build the web
page with Asp.net 2.0 and have it process the changes on the domain.
This is possible (I've done it in Intranet situations with Asp.net
1.1).
The security concern is that the computer hosting the site could be
compromised. It makes an attractive target, right? After all, cracking
it could allow an attacker full access to user information. Having
this computer available on the Internet (even over a DMZ) is not a
good idea.
What is the reasoning for not using a VPN?
J Wolfgang Goerlich
Related Links:
Focus Changing Passwords over the Web ADSI helps you give users an
easy-to-use Web interface for changing their passwords
http://msdn2.microsoft.com/en-us/library/ms954412.aspx
How to use the System.DirectoryServices namespace in ASP.NET
http://support.microsoft.com/default.aspx?scid=kb;en-us;329986
Managing User Passwords
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/sds/sds/managing_user_passwords.asp