Implementing A Custom Password Change Utility for AD Logon
Posted on 2009-05-18
I've been looking around online all day for some information on this, and I can't find the "right" answer(s) for what I'm trying to accomplish. First off, though, let me start by saying that I've seen something similar to this done in a large corporation environment. That being said, though, I don't know how easy or difficult it is to make it happen.
What I'd like to do is create a very simple, custom application for changing a user's password for their Active Directory logon that will also update the login credentials for other servers (database and mail) at the same time. Of course, that isn't the difficult part as I can put together the actual application code and such with a little time and effort. The "problem" I'm running into is that I want this custom application to replace the existing password change dialog that Windows uses when a user's password has, or is getting ready to expire.
The implementation I saw was a little different than this in that the company I worked for had modified the "CTRL+ALT+DEL" security dialog to redirect a user to a Web interface that reset a number of passwords (AS400, mail, AD, and several custom applications) all at once. I suppose this is an alternative to the way I'd like to do it, but I'm not sure about how to accomplish that either. Either way, I'd really like to make a simple application that will synchronize the login credentials for all of the servers to which the user has to connect during the normal course of their job functions. The important piece is the ability to access this application without actually being logged into the domain. Of course, I'll have it check/confirm some identifiable piece of information before actually allowing the password to be changed.
Any suggestions, pointers or other assistance in this would be greatly appreciated. Thank you so much for your time.