?
Solved

IISADMPWD for multiple domains

Posted on 2010-09-14
5
Medium Priority
?
702 Views
Last Modified: 2012-05-10
Im running win2003 IIS 6. I’ve setup the Change password feature so my users can change their domain passwords (IISADMPWD). I want to avoid having my users specify domain\username when changing password. I just want them to supply their username and IIS supply the domain. This I done successfully by editing the achg.asp file. However, I now have 2 domain and want the users to be able to still just supply their username only; however, I’m having trouble figuring this out. I believe I probably need to edit the achg.asp file somehow? Does anyone know what syntax I need to accomplish this?  

In addition, I think IIS runs as the IWAM account. I probably want it to run as a domain account correct? How do I do that?

I really appreciate any help anyone can provide!

Thxs
0
Comment
Question by:KratosDefense
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
5 Comments
 
LVL 51

Expert Comment

by:Ted Bouskill
ID: 33685552
I'm not sure about how to change the achg.asp file and if it will work, however, I can tell you how to change the credentials for the process identity.

All running web applications in IIS belong to an application pool.  If you set the application pool identity it can run as a domain account.

I'd create a new application pool for the IISADMPWD application then reset the application pool identity
0
 
LVL 30

Accepted Solution

by:
Brad Howe earned 2000 total points
ID: 33688098
Hi,
From your post, it sounds like you hardcoded the domain. As a workaround, What you could do is something like the following perhaps. Save this as a sample.asp and run it from your server first as a test to ensure it is parsing correctly for your requirements. You should see results like such:

User Details
You logged in as user: FirstName.LastName
Your Domain is: DomainName

From here, you could simply just substitute your Hardcoded Domain with the strNTDomain variable captured on page load.

<%
'PARSE DOMAIN(S) & User IDs.
Dim strNTUser,strNTDomain, iPos
strNTUser = RTrim(Request.ServerVariables("LOGON_USER"))
iPos = Len(strNTUser) - InStr(1, strNTUser,"\")

strNTUser = Right(strNTUser, iPos)
strNTDomain = RTrim(Request.ServerVariables("LOGON_USER"))
iPos = InStr(1, strNTDomain,"\") - 1
strNTDomain = Left(strNTDomain, iPos)
%>

<HTML>
     <HEAD><TITLE>USER IDS</TITLE></HEAD>
      <BODY BGCOLOR="White" TOPMARGIN="10" LEFTMARGIN="10">
                  <FONT SIZE="4" FACE="ARIAL, HELVETICA"><B>USER DETAILS</B></FONT>
                  <BR>
                  <HR SIZE="1" COLOR="#000000">
                             You logged in as user:<B> <%=strNTUser %></B>
                             <br>
                            Your Domain is: <B> <%=strNTDomain %></B>
      </BODY>
</HTML>
What do you think?

Hope it helps, Hades666
0
 
LVL 30

Expert Comment

by:Brad Howe
ID: 33688104
Note however that ANONYMOUS needs to be disabled.
And Integrated Windows Authenticaion should be enabled.
Otherwise, the Server Variables are not captured and seen as NULL.
Cheers, Hades666
0
 
LVL 30

Expert Comment

by:Brad Howe
ID: 33688120
Also, per the processing account, by default, application pools operate under the NetworkService account in IIS6.

To change a identity for an application pool, right-click the application pool in question, select Properties from the context menu. In the Properties dialog box, select the Identity tab and change the Predefined user ID OR make it a Configurable domain acocunt that has read access to the Domain Catalog.
Cheers, Hades666
0
 

Author Closing Comment

by:KratosDefense
ID: 33803481
thxs
0

Featured Post

How Blockchain Is Impacting Every Industry

Blockchain expert Alex Tapscott talks to Acronis VP Frank Jablonski about this revolutionary technology and how it's making inroads into other industries and facets of everyday life.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When it comes to showing a 404 error page to your visitors, you do not want that generic page to show, and you especially do not want your hosting provider’s ad error page to show either. In this article, I will show you how to enable the custom 40…
As tax season makes its return, so does the increase in cyber crime and tax refund phishing that comes with it
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question