asked on
Allow users to change password using IIS
I have a server which hosts reports using SQL Reporting Services. The users have Windows accounts on the server hosting the reports, and authenticate using these credentials.
I would like to allow users to change their password / to force password changes every 60 days, and ensuring password complexity standards are met.
What would be the best way to achieve this?
Thanks.
I would like to allow users to change their password / to force password changes every 60 days, and ensuring password complexity standards are met.
What would be the best way to achieve this?
Thanks.
Microsoft IIS Web ServerMicrosoft SQL Server 2005
Last Comment
Ted Bouskill
Can't be done without removing all of the security on the web server.
ASKER
What do you mean by this?
That it cannot be done unless the Windows security model is replaced with another?
That it cannot be done unless the Windows security model is replaced with another?
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
Point taken, thanks for briefly running through the underlying access model.
So by allowing users to change their password, would require elevated privileges for that process, which could put the server/domain at risk. Not a good thing.
So by allowing users to change their password, would require elevated privileges for that process, which could put the server/domain at risk. Not a good thing.
Yes, you have it now. IIS is actually a very secure application if configured correctly and you stick with the default privileges for the process accounts.