R
Richard Gutery
I have written a COM component who's purpose is to allow a user to change
his Windows (NT/AD) password via a web page. Now the component works fine
when I run it in VB 6, but not via the web page. The component also returns
an integer value that contains a return code from the Component (and the
appropriate Windows API). The result (using the ASP page) is Zero, which
indicates success. However the password doesn't change. (Zero = success, 100
= Invalid Domain, 101 = Invalid User, 102 = Invalid Password).
When using the component via VB or the LAN, we get correct results when
using bad Domains, Users and Passwords. So we are assured and confident that
the Component works as expected.
I suspected it had something to do with the IUSR account, so I added the
IUSR to the AD Domain Administrators group and the same result, ie return
result was Zero, which indicates apparent success - but the password didn't
change. So, I am at a bit of a loss as to why this doesn't work via an ASP
page.
As mentioned above, the component works fine via VB (both in the IDE and
Compiled), so we know that the code is all good and to make sure that I've
covered all the basis, I logged into AD with a normal user account and ran
the code. It worked fine. I realize that this is a security breach, but once
we have the component working via a browser, we'll tighten things up.
If anyone has any ideas, I would apprecicate pointers or some direction.
Thanks.
RG
his Windows (NT/AD) password via a web page. Now the component works fine
when I run it in VB 6, but not via the web page. The component also returns
an integer value that contains a return code from the Component (and the
appropriate Windows API). The result (using the ASP page) is Zero, which
indicates success. However the password doesn't change. (Zero = success, 100
= Invalid Domain, 101 = Invalid User, 102 = Invalid Password).
When using the component via VB or the LAN, we get correct results when
using bad Domains, Users and Passwords. So we are assured and confident that
the Component works as expected.
I suspected it had something to do with the IUSR account, so I added the
IUSR to the AD Domain Administrators group and the same result, ie return
result was Zero, which indicates apparent success - but the password didn't
change. So, I am at a bit of a loss as to why this doesn't work via an ASP
page.
As mentioned above, the component works fine via VB (both in the IDE and
Compiled), so we know that the code is all good and to make sure that I've
covered all the basis, I logged into AD with a normal user account and ran
the code. It worked fine. I realize that this is a security breach, but once
we have the component working via a browser, we'll tighten things up.
If anyone has any ideas, I would apprecicate pointers or some direction.
Thanks.
RG