Solved

LDAP/PHP Password Reset (force change at next login)

Posted on 2010-09-09
5
1,467 Views
Last Modified: 2013-12-24
I am trying to create a script where the user will type in the username and then the password will be reset to a default password eg "changeme" which when the user logs in will be asked to change that password.

I want it saved as a function and will pass the username and directory in which the user is stored in Active directory  eg

changepassword($username,$dir){
   //etc etc
}

Any thoughts?
0
Comment
Question by:alumwell
  • 3
  • 2
5 Comments
 
LVL 26

Accepted Solution

by:
arober11 earned 125 total points
ID: 33638275
Not tried it but there are hundreds of php snippets out there that either Change an AD password or mark an AD password as expired, a few min's cutting and pasting should achieve what you want. Some code that sets a password to a constant and sets the PASSWORD_EXPIRED flag e.g.

http://www.letu.edu/people/markroedel/netcccu/activedirectorypasswordchanges.htm
http://snippets.dzone.com/posts/show/4059
http://forums.devshed.com/ldap-programming-76/modifying-active-directory-passwords-through-php-and-iis-74683.html
http://tracker.moodle.org/secure/attachment/11275/ad-pwd-expiration-18.diff
http://support.microsoft.com/default.aspx?scid=kb;en-us;305144
0
 
LVL 26

Expert Comment

by:arober11
ID: 33638591
0
 

Author Comment

by:alumwell
ID: 33650692
Thank you for the suggestions, However I cannot get them to work as I would like, A couple of those examples required the old password to function. I want to be able to type in a username (which is in the active directory) and then it will just reset the password to 'password' and would require the user to change their password upon logging in.

So any ideas on how to do this?
I have already done a search on this site for  passwords and LDAP and have not found what I am looking for.
0
 
LVL 26

Expert Comment

by:arober11
ID: 33756832
Yes, per my last post, the accepted solution, in POST http://www.experts-exchange.com/Q_23512181.html#21878543,  takes the user-id from a Text box, named: user_to_reset, log's into the Directory, then changes the Password to the contencts of variable: $userpassword and marks the password as expired.
0
 

Author Closing Comment

by:alumwell
ID: 33884296
 
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I annotated my article on ransomware somewhat extensively, but I keep adding new references and wanted to put a link to the reference library.  Despite all the reference tools I have on hand, it was not easy to find a way to do this easily. I finall…
CCModeler offers a way to enter basic information like entities, attributes and relationships and export them as yEd or erviz diagram. It also can import existing Access or SQL Server tables with relationships.
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now