Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

LDAP/PHP Password Reset (force change at next login)

Posted on 2010-09-09
5
Medium Priority
?
1,766 Views
Last Modified: 2013-12-24
I am trying to create a script where the user will type in the username and then the password will be reset to a default password eg "changeme" which when the user logs in will be asked to change that password.

I want it saved as a function and will pass the username and directory in which the user is stored in Active directory  eg

changepassword($username,$dir){
   //etc etc
}

Any thoughts?
0
Comment
Question by:alumwell
  • 3
  • 2
5 Comments
 
LVL 26

Accepted Solution

by:
arober11 earned 375 total points
ID: 33638275
Not tried it but there are hundreds of php snippets out there that either Change an AD password or mark an AD password as expired, a few min's cutting and pasting should achieve what you want. Some code that sets a password to a constant and sets the PASSWORD_EXPIRED flag e.g.

http://www.letu.edu/people/markroedel/netcccu/activedirectorypasswordchanges.htm
http://snippets.dzone.com/posts/show/4059
http://forums.devshed.com/ldap-programming-76/modifying-active-directory-passwords-through-php-and-iis-74683.html
http://tracker.moodle.org/secure/attachment/11275/ad-pwd-expiration-18.diff
http://support.microsoft.com/default.aspx?scid=kb;en-us;305144
0
 
LVL 26

Expert Comment

by:arober11
ID: 33638591
0
 

Author Comment

by:alumwell
ID: 33650692
Thank you for the suggestions, However I cannot get them to work as I would like, A couple of those examples required the old password to function. I want to be able to type in a username (which is in the active directory) and then it will just reset the password to 'password' and would require the user to change their password upon logging in.

So any ideas on how to do this?
I have already done a search on this site for  passwords and LDAP and have not found what I am looking for.
0
 
LVL 26

Expert Comment

by:arober11
ID: 33756832
Yes, per my last post, the accepted solution, in POST http://www.experts-exchange.com/Q_23512181.html#21878543,  takes the user-id from a Text box, named: user_to_reset, log's into the Directory, then changes the Password to the contencts of variable: $userpassword and marks the password as expired.
0
 

Author Closing Comment

by:alumwell
ID: 33884296
 
0

Featured Post

Veeam and MySQL: How to Perform Backup & Recovery

MySQL and the MariaDB variant are among the most used databases in Linux environments, and many critical applications support their data on them. Watch this recorded webinar to find out how Veeam Backup & Replication allows you to get consistent backups of MySQL databases.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Instead of error trapping or hard-coding for non-updateable fields when using QODBC, let VBA automatically disable them when forms open. This way, users can view but not change the data. Part 1 explained how to use schema tables to do this. Part 2 h…
One of the most important things in an application is the query performance. This article intends to give you good tips to improve the performance of your queries.
The viewer will learn how to dynamically set the form action using jQuery.
This is a high-level webinar that covers the history of enterprise open source database use. It addresses both the advantages companies see in using open source database technologies, as well as the fears and reservations they might have. In this…

926 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question