Windows Authentication - How to allow users to change passwords andother account services?

M

Mel

We have a private website, we call it a portal, where people can login
and get quotes and such. When you go to the portal URL (https://
example.url.com) a small dialog appears (I believe this is windows
authentication) when they enter their username and password and click
OK which logs them in and they arrive at the home page of our portal.
These portal users are granted access to the system by adding them as
a new user Active Directory and adding them to a group that has
certain rights on the web server. One problem with this setup is our
users do not have the ability to change their password to something
else they prefer. Is there a better way to design our website to
accommodate this and still keep our network secure?
 
S

Stan

We have a private website, we call it a portal, where people can login
and get quotes and such. When you go to the portal URL (https://
example.url.com) a small dialog appears (I believe this is windows
authentication) when they enter their username and password and click
OK which logs them in and they arrive at the home page of our portal.
These portal users are granted access to the system by adding them as
a new user Active Directory and adding them to a group that has
certain rights on the web server. One problem with this setup is our
users do not have the ability to change their password to something
else they prefer. Is there a better way to design our website to
accommodate this and still keep our network secure?

Hi Mel

If you are using System.DirectoryServices to access AD then use the
Invoke() method of a DirectoryEntry object to run SetPassword.exe to
change a user password.

You don't say which version of ASP.NET you are working with but if
it's version 2 or above then you might consider using Forms
authentication with Membership and Roles to control access to the
site.

HTH
 
M

Mel

Hi Mel

If you are using System.DirectoryServices to access AD then use the
Invoke() method of a DirectoryEntry object to run SetPassword.exe to
change a user password.

You don't say which version of ASP.NET you are working with but if
it's version 2 or above then you might consider using Forms
authentication with Membership and Roles to control access to the
site.

HTH

Yes, I am using asp.net 2.0, visual studio 2005 Pro, vb.net. In your
opinion, do you think using Forms authentication would be a better way
to go? Would that give me more capabilities and more features?
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,744
Messages
2,569,483
Members
44,902
Latest member
Elena68X5

Latest Threads

Top