Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

how-to detect password changes

Posted on 2002-06-10
7
Medium Priority
?
228 Views
Last Modified: 2013-12-28
Hi,
I want to detect when a user has changed his password, so I can display a message (the message is a .exe and contains the security consideretions of my company).
I think two ideas, but (if exists) I need one simplest than mines! (I have a WinNT4 domain)
Here is what I think:
1. Place ADSI code in my .exe so -when it executes via login script- it could detect if the user has changed his password. Problems: I have Win95 worksations, so I need to deploy ADSI. Also I don't know yet if ADSI provides me the properties that I need.
2. Place a service in the PDC so it could detect the "change password event" in the security event viewer.
Any ideas?
Thanks in advance.
0
Comment
Question by:AndresM
  • 4
  • 3
7 Comments
 
LVL 63

Expert Comment

by:SysExpert
ID: 7067699
Both good ideas but very difficult to implement.

I would use the NT option to show a message during login , telling the people of the password policy and what is expected.

Another option is to force everyone to change passwords, and show the message also.

I hope this helps !
0
 
LVL 63

Expert Comment

by:SysExpert
ID: 7067706
See

http://www.jsiinc.com/suba/tip0000/rh0024.htm

Logon Welcome/Legal Notice.




The Registry value entries that control the logon sequence for starting Windows NT are found under the following Registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

LegalNoticeCaption REG_SZ
Default: (none)

Specifies a caption for a message to appear when the user presses CTRL+ALT+DEL during logon. Add this value entry if you want to add a warning to be displayed when a user attempts to log on to a Windows NT system. The user cannot proceed with logging on without acknowledging this message. To specify text for the message, you must also specify a value for LegalNoticeText.

Note: You can use the System Policy Editor to change this value.

LegalNoticeText REG_SZ
Default: (none)

Specifies the message to appear when the user presses CTRL+ALT+DEL during logon. Add this value entry if you want to add a warning to be displayed when a user attempts to log on to a Windows NT system. The user cannot proceed with logging on without acknowledging this message. To control presentation, you may insert a lf/cr by copying the contents of lfcr.npd to the clipboard and pasteing it as you type. To include a caption for the logon notice, you must also specify a value forLegalNoticeCaption.

Note: You can use the System Policy Editor to change this value.

LogonPrompt REG_SZ
Default: "Enter a user name and password that is valid for this system."

The text entered appears in the Logon Information dialog box. This is designed for additional legal warnings to the user before they log on. This value entry does not appear in the Registry unless you add it.

Welcome REG_SZ
Default: (Title only; no message)

The text entered appears in the caption bar beside the title of the Begin Logon, Logon Information, Workstation Locked, and Unlock Workstation dialog boxes. This value entry does not appear in the Registry unless you add it.

NOTE: For Windows 2000, see tip 2313.

I hope this helps !

0
 
LVL 10

Author Comment

by:AndresM
ID: 7068129
Thanks for your comment, SysExpert.
I already have a Legal Notice Message working when a user attemps to logon... But the security people wants more....
Any other ideas..?
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
LVL 63

Expert Comment

by:SysExpert
ID: 7068481
1)  Add it to the Legal Notice for  a  week and force everybody to do a change password.

or

2) in the login script, have a popup message show, and require people to hit an OK button to get rid of it.

I hope this helps !

0
 
LVL 10

Author Comment

by:AndresM
ID: 7068606
1) I already have a Legal Notice, with a simple advice, only a few lines. This works every time an user attemps to logon.
2) I already did that (the .exe application that I mentioned at the begining of the question), with another advice, one more complex (a lot of lines that talk about e-mails, xxx sites, etc..) than the Legal Notice. I did it one time, via login sciprt, for one day, so every user in my domain saw the advice at least one time.
But now the Security People wants to mantain the 2nd advice, but they want that only appears when the user changes his password...
0
 
LVL 63

Accepted Solution

by:
SysExpert earned 1200 total points
ID: 7068898
Tell them that it is not possible, unless you have some sort of script running that can detect a password change. As far as I know the password change is BEFORE the actual login, so that you can NOT do this using any method I can think of.

You may be able to do it the day before as a reminder by checking how long until the next password change, but I do not see any way of doing it at the time of the change itself.

See

http://www.optimumx.com/

for the Free

Network Password Age v1.30 (NetPWAge.exe)   Last Updated: 08/16/2000

Displays the password age for all accounts in the specified domain, both users and machines.  Very useful for cleaning out old, unused accounts from the NT SAM database.  Use 'NetPWAge /?' to view the syntax.

Operating Systems Supported:  Windows XP Windows 2000 Windows NT
 Download: NetPWAge_1.30.zip

I hope this helps !
0
 
LVL 10

Author Comment

by:AndresM
ID: 7070099
Thanks, SysExpert, I really appreciate your comments.

NetPWAge is an option, but has limitations too: if an user change his password before x day, I can't detect the event.

I found another option, but is very difficult too (I am not a C++ expert!)
HOWTO: Password Change Filtering & Notification in Windows NT http://support.microsoft.com/directory/article.asp?ID=KB;EN-US;Q151082&

By now, I wrote a VBS that detects the change password event in the event viewer. But I don't know what to do after that.

I am going to leave the question open, just in case, for a few days. After that, I'll give you the points.

Thanks.

0

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Windows Server 2003 introduced persistent Volume Shadow Copies and made 2003 a must-do upgrade.  Since then, it's been a must-implement feature for all servers doing any kind of file sharing.
By default Outlook 2016 displays only one time zone in the Calendar. The following article explains how to display two time zones in one calendar view.
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
In this video, viewers will be given step by step instructions on adjusting mouse, pointer and cursor visibility in Microsoft Windows 10. The video seeks to educate those who are struggling with the new Windows 10 Graphical User Interface. Change Cu…

879 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question