Windows Authentication - How to allow users to change passwords andother account services?

  • Thread starter Thread starter Mel
  • Start date Start date
M

Mel

We have a private website, we call it a portal, where people can login
and get quotes and such. When you go to the portal URL (https://
example.url.com) a small dialog appears (I believe this is windows
authentication) when they enter their username and password and click
OK which logs them in and they arrive at the home page of our portal.
These portal users are granted access to the system by adding them as
a new user Active Directory and adding them to a group that has
certain rights on the web server. One problem with this setup is our
users do not have the ability to change their password to something
else they prefer. Is there a better way to design our website to
accommodate this and still keep our network secure?
 
We have a private website, we call it a portal, where people can login
and get quotes and such. When you go to the portal URL (https://
example.url.com) a small dialog appears (I believe this is windows
authentication) when they enter their username and password and click
OK which logs them in and they arrive at the home page of our portal.
These portal users are granted access to the system by adding them as
a new user Active Directory and adding them to a group that has
certain rights on the web server. One problem with this setup is our
users do not have the ability to change their password to something
else they prefer. Is there a better way to design our website to
accommodate this and still keep our network secure?
Click to expand...

Hi Mel

If you are using System.DirectoryServices to access AD then use the
Invoke() method of a DirectoryEntry object to run SetPassword.exe to
change a user password.

You don't say which version of ASP.NET you are working with but if
it's version 2 or above then you might consider using Forms
authentication with Membership and Roles to control access to the
site.

HTH
 
Hi Mel

If you are using System.DirectoryServices to access AD then use the
Invoke() method of a DirectoryEntry object to run SetPassword.exe to
change a user password.

You don't say which version of ASP.NET you are working with but if
it's version 2 or above then you might consider using Forms
authentication with Membership and Roles to control access to the
site.

HTH
Click to expand...

Yes, I am using asp.net 2.0, visual studio 2005 Pro, vb.net. In your
opinion, do you think using Forms authentication would be a better way
to go? Would that give me more capabilities and more features?
 
Back
Top