The article explains the process to deploy a Self-Service password reset portal I developed a few years ago. Hopefully, it will prove useful to someone. Any comments, bug reports etc. are welcome...
The following article deals with account lockout policies as you may find in (but not limited to) Windows domains. The issues discussed apply to all Windows domains whose authentication relies on passwords alone (as opposed to multifactor authentication).