Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

IISADMPWD for multiple domains

Posted on 2010-09-14
5
676 Views
Last Modified: 2012-05-10
Im running win2003 IIS 6. I’ve setup the Change password feature so my users can change their domain passwords (IISADMPWD). I want to avoid having my users specify domain\username when changing password. I just want them to supply their username and IIS supply the domain. This I done successfully by editing the achg.asp file. However, I now have 2 domain and want the users to be able to still just supply their username only; however, I’m having trouble figuring this out. I believe I probably need to edit the achg.asp file somehow? Does anyone know what syntax I need to accomplish this?  

In addition, I think IIS runs as the IWAM account. I probably want it to run as a domain account correct? How do I do that?

I really appreciate any help anyone can provide!

Thxs
0
Comment
Question by:KratosDefense
  • 3
5 Comments
 
LVL 51

Expert Comment

by:Ted Bouskill
ID: 33685552
I'm not sure about how to change the achg.asp file and if it will work, however, I can tell you how to change the credentials for the process identity.

All running web applications in IIS belong to an application pool.  If you set the application pool identity it can run as a domain account.

I'd create a new application pool for the IISADMPWD application then reset the application pool identity
0
 
LVL 30

Accepted Solution

by:
Brad Howe earned 500 total points
ID: 33688098
Hi,
From your post, it sounds like you hardcoded the domain. As a workaround, What you could do is something like the following perhaps. Save this as a sample.asp and run it from your server first as a test to ensure it is parsing correctly for your requirements. You should see results like such:

User Details
You logged in as user: FirstName.LastName
Your Domain is: DomainName

From here, you could simply just substitute your Hardcoded Domain with the strNTDomain variable captured on page load.

<%
'PARSE DOMAIN(S) & User IDs.
Dim strNTUser,strNTDomain, iPos
strNTUser = RTrim(Request.ServerVariables("LOGON_USER"))
iPos = Len(strNTUser) - InStr(1, strNTUser,"\")

strNTUser = Right(strNTUser, iPos)
strNTDomain = RTrim(Request.ServerVariables("LOGON_USER"))
iPos = InStr(1, strNTDomain,"\") - 1
strNTDomain = Left(strNTDomain, iPos)
%>

<HTML>
     <HEAD><TITLE>USER IDS</TITLE></HEAD>
      <BODY BGCOLOR="White" TOPMARGIN="10" LEFTMARGIN="10">
                  <FONT SIZE="4" FACE="ARIAL, HELVETICA"><B>USER DETAILS</B></FONT>
                  <BR>
                  <HR SIZE="1" COLOR="#000000">
                             You logged in as user:<B> <%=strNTUser %></B>
                             <br>
                            Your Domain is: <B> <%=strNTDomain %></B>
      </BODY>
</HTML>
What do you think?

Hope it helps, Hades666
0
 
LVL 30

Expert Comment

by:Brad Howe
ID: 33688104
Note however that ANONYMOUS needs to be disabled.
And Integrated Windows Authenticaion should be enabled.
Otherwise, the Server Variables are not captured and seen as NULL.
Cheers, Hades666
0
 
LVL 30

Expert Comment

by:Brad Howe
ID: 33688120
Also, per the processing account, by default, application pools operate under the NetworkService account in IIS6.

To change a identity for an application pool, right-click the application pool in question, select Properties from the context menu. In the Properties dialog box, select the Identity tab and change the Predefined user ID OR make it a Configurable domain acocunt that has read access to the Domain Catalog.
Cheers, Hades666
0
 

Author Closing Comment

by:KratosDefense
ID: 33803481
thxs
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Logparser is the smartest tool I have ever used in parsing IIS log files and there are many interesting things I wanted to share with everyone one of the  real-world  scenario from my current project. Let's get started with  scenario - How do w…
When it comes to showing a 404 error page to your visitors, you do not want that generic page to show, and you especially do not want your hosting provider’s ad error page to show either. In this article, I will show you how to enable the custom 40…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…

789 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question