?
Solved

Almost solved - Change Windows User Password through ASP

Posted on 2003-03-06
7
Medium Priority
?
365 Views
Last Modified: 2007-12-19
Hello there.
I want to be able to change the password of a Windows User through an ASP page using VBscript or Javascript. The idea is the user to give in three text boxes the username, the old password and the new password. If the old is correct the new must replace the old.
As a hint I give you the code I use to create users:

vbs file:
**************************************************
Const ADS_UF_DONT_EXPIRE_PASSWD = &h10000
Set objRootDSE = GetObject("LDAP://rootDSE")
Set objContainer = GetObject("LDAP://cn=Users," & _
objRootDSE.Get("defaultNamingContext"))

Set objLeaf = objContainer.Create("User", "cn=cup34_1")
objLeaf.Put "sAMAccountName", "cup34_1"
objLeaf.SetInfo
objLeaf.SetPassword "genesis1980"
objLeaf.Put "userPrincipalName", "cup34_1@genesis.com"
objLeaf.Put "userAccountControl",ADS_UF_DONT_EXPIRE_PASSWD
objLeaf.SetInfo
**************************************************
0
Comment
Question by:chrispkotsiopoulos
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 

Author Comment

by:chrispkotsiopoulos
ID: 8079496
Or the next best thing is someone to tell me why the .vbs below doesn't work:

Set usr = GetObject("LDAP://cn=foobar,cn=Users,dc=Microsoft,dc=com")
usr.SetPassword "topsecret98"
WScript.Echo "Password Changed!"

In order to run the above you have to be in front of a Domain Controler Win 2000 Server machine in the Active Directory.
0
 

Author Comment

by:chrispkotsiopoulos
ID: 8080844
I found a vbs script that does the job:
***********************************
Dim UserName
Dim UserDomain
UserDomain = InputBox("Enter the user's login domain name")
UserName = InputBox("Enter the user's login name")
Set User = GetObject("WinNT://"& UserDomain &"/"& UserName &"",user)

Dim NewPassword
NewPassword = InputBox("Enter new password")
Call User.SetPassword(NewPassword)

If err.number = 0 Then
    Wscript.Echo "The password change was successful."
Else
    Wscript.Echo "The password change failed!"
End if
***********************************

I tried to implement it in ASP like this:
change_passw1.htm:

***********************************
<form method="get" action="changepassword2.asp">
First Name: <input type="text" name="myusername">
<br />
Last Name: <input type="text" name="mypassword">
<br /><br />
<input type="submit" value="Submit">
</form>
***********************************

change_password2.asp:
***********************************
<body>
<%
Dim UserName
Dim UserDomain
UserDomain = "ariadni.gr"
UserName = request.querystring("myusername")
Set User = GetObject("WinNT://"& UserDomain &"/"& UserName &"",user)

Dim NewPassword
NewPassword = request.querystring("mypassword")

Call User.SetPassword(NewPassword)

If err.number = 0 Then
    Response.Write "The password change was successful."
Else
    Response.Write "The password change failed!"
End if
%>
</body>
***********************************

The problem is that I receive the following error message:
Active Directory error '80070005'
General access denied error
/kep/change_password2.asp, line 13

What's wrong with it?

I'm tired talking to myself...
0
 
LVL 7

Expert Comment

by:lavinder
ID: 8086486
Hi chris

 ASP runs under account of machine user and that user does not has any right to modify the properties of any user. Therefore you get this error 80070005, which means : The user has insufficient access right.
 
 Therefore i suggest either you:

1) allow the machine user account permission to modify user properties (risky !!)
2) login with administrator's login and password, (OpenDSObject method) and change the password of user.

cheers!!
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 7

Expert Comment

by:lavinder
ID: 8086514
0
 

Author Comment

by:chrispkotsiopoulos
ID: 8087503
If I use javaScript instead of ASP will I solve the 'access denied' error?
0
 
LVL 7

Accepted Solution

by:
lavinder earned 1960 total points
ID: 8087791
nope (answer to your last post)
0
 

Author Comment

by:chrispkotsiopoulos
ID: 8157736
Well...
I found it at
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnw2kmag01/html/passwords.asp

and I improve it like this:

***********************************
ChangePasswordEntry.asp

<%@ Language=VBScript %>

<HTML>
<HEAD>
</HEAD>

<SCRIPT>
function validate()
{
     if (document.frmLogin.txtNewPassword2.value!=document.frmLogin.txtNewPassword.value)
     {
       alert("Ïé êùäéêïß ðïõ Ýäùóåò äåí ôáéñéÜæïõí.")
       return false
     }

     return true
}
</SCRIPT>

<BODY>
<H1 align=center>CHANGE PASSWORD</H1>
<P>&nbsp;</P>
<P>Put User name and Password:</P>
<P>
<FORM action="ChangePassword1.asp" method=post id=frmLogin name=frmLogin onsubmit="return validate()">

<TABLE border=0 cellPadding=1 cellSpacing=1 width="75%">
 
  <TR>
    <TD>User Name</TD>
    <TD><INPUT id=txtUserName name=txtUserName
      style="HEIGHT: 25px; WIDTH: 365px">
</TD></TR>
  <TR>
    <TD>Existing Password</TD>
    <TD><INPUT id=txtPassword name=txtPassword
      type=password style="LEFT: 1px; TOP: 3px">
</TD></TR>
  <TR>
    <TD>New Password</TD>
    <TD><INPUT id=txtNewPassword name=txtNewPassword
      type=password>
</TD></TR>
  <TR>
    <TD>Confirm new password</TD>
    <TD><INPUT id=txtNewPassword2 name=txtNewPassword2
      type=password>
</TD></TR>
</TABLE></P>
<P><INPUT type="submit" value="Go!" id=submit1 name=submit1>&nbsp;
</P></FORM>
<P>&nbsp;</P>

</BODY>
</HTML>
****************************************************

ChangePassword1.asp:


<%@ Language=VBScript %>
<%

dim sUser, sPassword
dim oUser, sConnectString

sUser = request("txtUserName")
sPassword = request("txtPassword")
sNewPassword = request("txtNewPassword")
if sUser = "" then Response.Redirect "ChangePasswordEntry.asp"

On Error Resume Next
sConnectString = "WinNT://ariadni.gr/" & sUser & ",user"
Set oUser = GetObject(sConnectString)

oUser.ChangePassword sPassword, sNewPassword
set oUser = Nothing

If (err.number <> 0) Then
Response.Redirect "ChangePasswordEntry_error.asp"
else
Response.Write "Ï Êùäéêüò ÷ñÞóôç Üëëáîå ìå åðéôõ÷ßá"
end if

%>
***********************************************

ChangePasswordEntry_error.asp:
Same as ChangePasswordEntry.asp, instead of
<H1 align=center>CHANGE PASSWORD</H1> you put:
<H1 align=center>WRONG GIVEN PASSWORD - TRY AGAIN</H1>

Lavinder thanks for helping.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I recently decide that I needed a way to make my pages scream on the net.   While searching around how I can accomplish this I stumbled across a great article that stated "minimize the server requests." I got to thinking, hey, I use more than one…
I would like to start this tip/trick by saying Thank You, to all who said that this could not be done, as it forced me to make sure that it could be accomplished. :) To start, I want to make sure everyone understands the importance of utilizing p…
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question