We are developing a web site that uses Active Directory security. We would like to store all information pertaining to users authentication credentials in Active Directory. I have seen many references to ASP.Net Active Directory security model in the .Net framework classes. In order to make password resets self service we would like to use the secret question and answer method to allow users to reset their password if they can answer the secret question correctly. Is this ability native to Active Directory, or would we have to modify the schema to allow this?