You can take advantage of any of yours IIS servers and make a scrip to change user's password. In OWA there is a registry key that will enable user's to change domain passwords using the web but I didn't investigate further about this issue since we do not allow the password change from outside our wan network.
enjoy,
En3pY
Sebastian Zdrojewski
Senior System & Network Administrator
TECHNOMIND S.p.A.
Via Galileo Galilei, 7 - 20124 Milano
Tel. +39 02.62.610.300 - Fax +39 02.62.610.333
Web: http://www.technomind.it/
________________________________
PRIVACY
Le informazioni contenute in questo messaggio sono riservate e confidenziali. Il loro utilizzo è consentito esclusivamente al destinatario del messaggio, per le finalità indicate nel messaggio stesso. Qualora Lei non fosse la persona a cui il presente messaggio è destinato, La invitiamo ad eliminarlo dal Suo Sistema ed a distruggere le varie copie o stampe, dandocene gentilmente comunicazione. Ogni utilizzo improprio è contrario ai principi del D.lgs 196/03 e alla legislazione Europea (Direttiva 2002/58/CE). Technomind S.p.A. opera in conformità D.lgs 196/2003 a alla legislazione Europea. Per qualsiasi informazione a riguardo si prega di contattare la nostra Società all'indirizzo mail: privacy (at) technomind (dot) it. [email concealed]
The information contained in this message as well as the attached file(s) is confidential/privileged and is only intended for the person to whom it is addressed. If the reader of this message is not the intended recipient or the employee or agent responsible for delivering the message to the intended recipient, or you have received this communication in error, please be aware that any dissemination, distribution or duplication is strictly prohibited, and can be illegal. Please notify us immediately and delete all copies from your mailbox and other archives. For any further information please contact our Company at the following email address: privacy (at) technomind (dot) it. [email concealed]
________________________________
-----Messaggio originale-----
Da: Kern, Tom [mailto:tkern (at) CHARMER (dot) COM [email concealed]]
Inviato: venerdì 15 luglio 2005 18.32
A: sanjiv; focus-ms (at) securityfocus (dot) com [email concealed]
Oggetto: RE: Changing Windows domain password over Internet
I'm not sure about the issue with domain pw over a public net but to find out users whose password's are about to expire just use this-
dsquery user -stalepwd <numdaysSinceLastPwdChange>
Note this will tell you not just which users whose passwords are about to expire but also users who must change their password at next logon.
This also does not take into account things like cached logons where the pwdLastSet attrib is not updated in AD.
Good luck
-----Original Message-----
From: sanjiv [mailto:ska262001 (at) yahoo.co (dot) in [email concealed]]
Sent: Friday, July 15, 2005 11:38 AM
To: focus-ms (at) securityfocus (dot) com [email concealed]
Subject: Changing Windows domain password over Internet
Hi,
Anybody in this list can you help me in changing the
windows domain password over Internet.
I have studied a bit and quickly come over these .HTR
files - "
aexp.htr, aexp2.htr, aexp2b.htr, aexp3.htr, aexp4.htr,
aexp4b.htr, anot.htr, anot3.htr", I have used
aexp2b.htr file for changing password over Internet.
My problem:
------------
I am not able to change domain password for accounts
which have expired. I am able to change the password
over the local netwqork even after it has expired and
want to incorporate the same functionality over the
Internet.
Questions2:
----------
Also is there a script, which can query my Active
Directory for user accounts whose password is about to
expire in next 14 days?
Thanks and Regards,
Sanjiv
____________________________________________________
Start your day with Yahoo! - make it your home page
http://www.yahoo.com/r/hs
You can take advantage of any of yours IIS servers and make a scrip to change user's password. In OWA there is a registry key that will enable user's to change domain passwords using the web but I didn't investigate further about this issue since we do not allow the password change from outside our wan network.
enjoy,
En3pY
Sebastian Zdrojewski
Senior System & Network Administrator
Tel: +39 02.62.610.317
Mobile: +39 347.6079.096
E-Mail: sebastian.zdrojewski (at) technomind (dot) it [email concealed]
TECHNOMIND S.p.A.
Via Galileo Galilei, 7 - 20124 Milano
Tel. +39 02.62.610.300 - Fax +39 02.62.610.333
Web: http://www.technomind.it/
________________________________
PRIVACY
Le informazioni contenute in questo messaggio sono riservate e confidenziali. Il loro utilizzo è consentito esclusivamente al destinatario del messaggio, per le finalità indicate nel messaggio stesso. Qualora Lei non fosse la persona a cui il presente messaggio è destinato, La invitiamo ad eliminarlo dal Suo Sistema ed a distruggere le varie copie o stampe, dandocene gentilmente comunicazione. Ogni utilizzo improprio è contrario ai principi del D.lgs 196/03 e alla legislazione Europea (Direttiva 2002/58/CE). Technomind S.p.A. opera in conformità D.lgs 196/2003 a alla legislazione Europea. Per qualsiasi informazione a riguardo si prega di contattare la nostra Società all'indirizzo mail: privacy (at) technomind (dot) it. [email concealed]
The information contained in this message as well as the attached file(s) is confidential/privileged and is only intended for the person to whom it is addressed. If the reader of this message is not the intended recipient or the employee or agent responsible for delivering the message to the intended recipient, or you have received this communication in error, please be aware that any dissemination, distribution or duplication is strictly prohibited, and can be illegal. Please notify us immediately and delete all copies from your mailbox and other archives. For any further information please contact our Company at the following email address: privacy (at) technomind (dot) it. [email concealed]
________________________________
-----Messaggio originale-----
Da: Kern, Tom [mailto:tkern (at) CHARMER (dot) COM [email concealed]]
Inviato: venerdì 15 luglio 2005 18.32
A: sanjiv; focus-ms (at) securityfocus (dot) com [email concealed]
Oggetto: RE: Changing Windows domain password over Internet
I'm not sure about the issue with domain pw over a public net but to find out users whose password's are about to expire just use this-
dsquery user -stalepwd <numdaysSinceLastPwdChange>
Note this will tell you not just which users whose passwords are about to expire but also users who must change their password at next logon.
This also does not take into account things like cached logons where the pwdLastSet attrib is not updated in AD.
Good luck
-----Original Message-----
From: sanjiv [mailto:ska262001 (at) yahoo.co (dot) in [email concealed]]
Sent: Friday, July 15, 2005 11:38 AM
To: focus-ms (at) securityfocus (dot) com [email concealed]
Subject: Changing Windows domain password over Internet
Hi,
Anybody in this list can you help me in changing the
windows domain password over Internet.
I have studied a bit and quickly come over these .HTR
files - "
aexp.htr, aexp2.htr, aexp2b.htr, aexp3.htr, aexp4.htr,
aexp4b.htr, anot.htr, anot3.htr", I have used
aexp2b.htr file for changing password over Internet.
My problem:
------------
I am not able to change domain password for accounts
which have expired. I am able to change the password
over the local netwqork even after it has expired and
want to incorporate the same functionality over the
Internet.
Questions2:
----------
Also is there a script, which can query my Active
Directory for user accounts whose password is about to
expire in next 14 days?
Thanks and Regards,
Sanjiv
____________________________________________________
Start your day with Yahoo! - make it your home page
http://www.yahoo.com/r/hs
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
[ reply ]