Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 712
  • Last Modified:

IISADMPWD for multiple domains

Im running win2003 IIS 6. I’ve setup the Change password feature so my users can change their domain passwords (IISADMPWD). I want to avoid having my users specify domain\username when changing password. I just want them to supply their username and IIS supply the domain. This I done successfully by editing the achg.asp file. However, I now have 2 domain and want the users to be able to still just supply their username only; however, I’m having trouble figuring this out. I believe I probably need to edit the achg.asp file somehow? Does anyone know what syntax I need to accomplish this?  

In addition, I think IIS runs as the IWAM account. I probably want it to run as a domain account correct? How do I do that?

I really appreciate any help anyone can provide!

Thxs
0
KratosDefense
Asked:
KratosDefense
  • 3
1 Solution
 
Ted BouskillSenior Software DeveloperCommented:
I'm not sure about how to change the achg.asp file and if it will work, however, I can tell you how to change the credentials for the process identity.

All running web applications in IIS belong to an application pool.  If you set the application pool identity it can run as a domain account.

I'd create a new application pool for the IISADMPWD application then reset the application pool identity
0
 
Brad HoweCommented:
Hi,
From your post, it sounds like you hardcoded the domain. As a workaround, What you could do is something like the following perhaps. Save this as a sample.asp and run it from your server first as a test to ensure it is parsing correctly for your requirements. You should see results like such:

User Details
You logged in as user: FirstName.LastName
Your Domain is: DomainName

From here, you could simply just substitute your Hardcoded Domain with the strNTDomain variable captured on page load.

<%
'PARSE DOMAIN(S) & User IDs.
Dim strNTUser,strNTDomain, iPos
strNTUser = RTrim(Request.ServerVariables("LOGON_USER"))
iPos = Len(strNTUser) - InStr(1, strNTUser,"\")

strNTUser = Right(strNTUser, iPos)
strNTDomain = RTrim(Request.ServerVariables("LOGON_USER"))
iPos = InStr(1, strNTDomain,"\") - 1
strNTDomain = Left(strNTDomain, iPos)
%>

<HTML>
     <HEAD><TITLE>USER IDS</TITLE></HEAD>
      <BODY BGCOLOR="White" TOPMARGIN="10" LEFTMARGIN="10">
                  <FONT SIZE="4" FACE="ARIAL, HELVETICA"><B>USER DETAILS</B></FONT>
                  <BR>
                  <HR SIZE="1" COLOR="#000000">
                             You logged in as user:<B> <%=strNTUser %></B>
                             <br>
                            Your Domain is: <B> <%=strNTDomain %></B>
      </BODY>
</HTML>
What do you think?

Hope it helps, Hades666
0
 
Brad HoweCommented:
Note however that ANONYMOUS needs to be disabled.
And Integrated Windows Authenticaion should be enabled.
Otherwise, the Server Variables are not captured and seen as NULL.
Cheers, Hades666
0
 
Brad HoweCommented:
Also, per the processing account, by default, application pools operate under the NetworkService account in IIS6.

To change a identity for an application pool, right-click the application pool in question, select Properties from the context menu. In the Properties dialog box, select the Identity tab and change the Predefined user ID OR make it a Configurable domain acocunt that has read access to the Domain Catalog.
Cheers, Hades666
0
 
KratosDefenseAuthor Commented:
thxs
0

Featured Post

Fill in the form and get your FREE NFR key NOW!

Veeam is happy to provide a FREE NFR server license to certified engineers, trainers, and bloggers.  It allows for the non‑production use of Veeam Agent for Microsoft Windows. This license is valid for five workstations and two servers.

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now