Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Webpage to change NT4 password

Posted on 2004-04-30
4
454 Views
Last Modified: 2008-02-26
I need a webpage that a user can use to change their NT4 password.  It is for users.. must run on W2k/IIS 5.0


Username
"old" password

New password
confirm new

im just dont know how i can do this, any help would be appreciated.  

I have a seperate question open that is asking how to do this so that it can change the NT4 password and the Novell password using the same information.
0
Comment
Question by:hartnessjr
  • 2
4 Comments
 
LVL 23

Expert Comment

by:rama_krishna580
ID: 10960827
0
 
LVL 2

Accepted Solution

by:
TheBrothaULuv2H8 earned 250 total points
ID: 10961521
USE THE

IISADMPWD  utility which comes with Windows

The utility is located  systemroot%\system32\inetsrv

You can make a viritual directory on your IIS site, and modify it to go with your extranet loock.

DETAILS
==================
By default, the IIS installation creates the iisadmpwd directory in \%systemroot%\system32\inetsrv. This directory contains nine .htr (really just Active Server Pages—ASP) files that let users change their Windows NT passwords. Users must access these files as a secure resource (using HTTP over Secure Sockets Layer—HTTPS) for them to work properly. (In July 1999, Microsoft released a security bulletin about malicious users possibly using .htr files to execute arbitrary code on a server. You can find information about this risk and a patch at http://www.microsoft.com/technet/security/ bulletin/ms99-019.asp.)

Here's a list of each of the nine files and their respective functions:

Aexp.htr —Password has expired. This file forces users to change their passwords and then allows a redirect to the resource the users are attempting to access. The file first checks to see whether the users' browsers are HTTPS capable; if they aren't, it displays a password expired message and then errors out.
Aexp2.htr—User-initiated password change. When users complete the password change, this file redirects them to the resource they're attempting to access. The file uses HTTPS to post the form.
Aexp2b.htr—This file is the same as aexp2.htr, except that it also has a Domain dialog box.
Aexp3.htr—Password has expired. The file forces users to change their passwords before continuing. This file is the same as aexp.htr, except that it doesn't check whether the browsers support HTTPS.
Aexp4.htr—This file is the same as aexp2.htr, except that it doesn't use HTTPS to post the form.
Aexp4b.htr—This file is the same as aexp2b.htr, except that it doesn't use HTTPS to post the form.
Anot.htr—This file alerts users that they have xx days until password expiration, then prompts users to change passwords (if they do, the file sends the users to aexp2.htr).
Anot3.htr—This file is the same as anot.htr, except that it sends users to aexp4.htr.
Achg.htr—This file displays a message if an error occurs while the users are changing their passwords (e.g., the new password and confirmation password don't match; the new password doesn't meet the required password restrictions for your domain).
All these files are plaintext, and you can edit them to make them look cleaner or fit the feel of your intranet, extranet, or whatever they're running on. (Note: Be sure to back up the ASP files before you edit them.) Keep in mind that IIS requires the virtual directory iisadmpwd for this functionality to work. This functionality works well with both NT Challenge/Response authentication and Basic authentication, but if you use Basic authentication on an Internet-accessible server, you really should use Secure Sockets Layer (SSL).

For more information about the iisadmpwd directory and changing passwords, see the following Microsoft articles:

"How to Change Windows NT Account Passwords Using Internet Information Server (IIS) 4.0" (http://support.microsoft.com/support/kb/articles/q184/6/19.asp)
"How to Configure the IISADMPWD Pages for Different Ports" (http://support.microsoft.com/support/kb/articles/q240/6/54.asp)


0
 

Author Comment

by:hartnessjr
ID: 10973907
Thank you for your answers.. if im using novell 5.0 also would it be possible to change that accounts password using the same info boxes through vb?
0
 
LVL 2

Expert Comment

by:TheBrothaULuv2H8
ID: 10978399
That I don't know...I've never been in a Novell enviornment.  Good luck with that one.  Glad I could help with the other.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

"In order to have an organized way for empathy mapping, we rely on a psychological model and trying to model it in a simple way, so we will split the board to three section for each persona and a scenario and try to see what those personas would Do,…
Because your company can’t afford for you to make SEO mistakes, you’ll want to ensure you’re taking the right steps each and every time you post a new piece of content. This list of optimization do’s and don’ts can help you become an SEO wizard.
Any person in technology especially those working for big companies should at least know about the basics of web accessibility. Believe it or not there are even laws in place that require businesses to provide such means for the disabled and aging p…
The viewer will get a basic understanding of what section 508 compliance can entail, learn about skip navigation links, alt text, transcripts, and font size controls.

790 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question