Solved

IISADMPWD for multiple domains

Posted on 2010-09-14
5
685 Views
Last Modified: 2012-05-10
Im running win2003 IIS 6. I’ve setup the Change password feature so my users can change their domain passwords (IISADMPWD). I want to avoid having my users specify domain\username when changing password. I just want them to supply their username and IIS supply the domain. This I done successfully by editing the achg.asp file. However, I now have 2 domain and want the users to be able to still just supply their username only; however, I’m having trouble figuring this out. I believe I probably need to edit the achg.asp file somehow? Does anyone know what syntax I need to accomplish this?  

In addition, I think IIS runs as the IWAM account. I probably want it to run as a domain account correct? How do I do that?

I really appreciate any help anyone can provide!

Thxs
0
Comment
Question by:KratosDefense
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
5 Comments
 
LVL 51

Expert Comment

by:Ted Bouskill
ID: 33685552
I'm not sure about how to change the achg.asp file and if it will work, however, I can tell you how to change the credentials for the process identity.

All running web applications in IIS belong to an application pool.  If you set the application pool identity it can run as a domain account.

I'd create a new application pool for the IISADMPWD application then reset the application pool identity
0
 
LVL 30

Accepted Solution

by:
Brad Howe earned 500 total points
ID: 33688098
Hi,
From your post, it sounds like you hardcoded the domain. As a workaround, What you could do is something like the following perhaps. Save this as a sample.asp and run it from your server first as a test to ensure it is parsing correctly for your requirements. You should see results like such:

User Details
You logged in as user: FirstName.LastName
Your Domain is: DomainName

From here, you could simply just substitute your Hardcoded Domain with the strNTDomain variable captured on page load.

<%
'PARSE DOMAIN(S) & User IDs.
Dim strNTUser,strNTDomain, iPos
strNTUser = RTrim(Request.ServerVariables("LOGON_USER"))
iPos = Len(strNTUser) - InStr(1, strNTUser,"\")

strNTUser = Right(strNTUser, iPos)
strNTDomain = RTrim(Request.ServerVariables("LOGON_USER"))
iPos = InStr(1, strNTDomain,"\") - 1
strNTDomain = Left(strNTDomain, iPos)
%>

<HTML>
     <HEAD><TITLE>USER IDS</TITLE></HEAD>
      <BODY BGCOLOR="White" TOPMARGIN="10" LEFTMARGIN="10">
                  <FONT SIZE="4" FACE="ARIAL, HELVETICA"><B>USER DETAILS</B></FONT>
                  <BR>
                  <HR SIZE="1" COLOR="#000000">
                             You logged in as user:<B> <%=strNTUser %></B>
                             <br>
                            Your Domain is: <B> <%=strNTDomain %></B>
      </BODY>
</HTML>
What do you think?

Hope it helps, Hades666
0
 
LVL 30

Expert Comment

by:Brad Howe
ID: 33688104
Note however that ANONYMOUS needs to be disabled.
And Integrated Windows Authenticaion should be enabled.
Otherwise, the Server Variables are not captured and seen as NULL.
Cheers, Hades666
0
 
LVL 30

Expert Comment

by:Brad Howe
ID: 33688120
Also, per the processing account, by default, application pools operate under the NetworkService account in IIS6.

To change a identity for an application pool, right-click the application pool in question, select Properties from the context menu. In the Properties dialog box, select the Identity tab and change the Predefined user ID OR make it a Configurable domain acocunt that has read access to the Domain Catalog.
Cheers, Hades666
0
 

Author Closing Comment

by:KratosDefense
ID: 33803481
thxs
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
IIS8 IP Address and Domain Restrictions 17 214
Sweet32 Vulnerability in Microsoft IIS7.5 6 3,697
Run ColdFusion website locally 1 44
Running powershell scripts from ASP.NET 6 83
Here are the symptoms: You start receiving calls from users that one of your legacy web apps isn't coming up, so you log into your IIS 5 server to check it out.  When you pull up the services, you notice that the WWW Publishing service isn't runn…
If you don't have the right permissions set for your WordPress location in IIS, you won't be able to perform automatic updates. Here's how to fix the problem.
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question