Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Web-App-Sec
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Web based utility for securely changing AD password

from [net shark] Network Security [Permanent Link]
Subject: RE: Web based utility for securely changing AD password
Date: Wed, 23 Nov 2005 09:28:20 -0000 
AFAIK, the correct (M$ way) to do it, is through the AD services interface
(ADSI).
I saw a simple example in the technet, sometime ago.
When making the correct calls to the ADSI, you can efectivelly change the
user's password, as long as the script is executed in the Enterprise/domain
admin security context.
However AFAIK,you cannot read the password (not even it's hash). ADSI has
specific procedures for user authentication in AD.

Alex


-----Original Message-----
From: Saqib Ali [mailto:docbook.xml@gmail.com]
Sent: 22 November 2005 18:32
To: webappsec@securityfocus.com
Subject: Fwd: Web based utility for securely changing AD password

Hello All,

This may be a little bit off-topic...  ;-)

Is anyone aware of a good web based utility that will allow users from
several domains to change their Active Directory password securely?

I tried IISADMPWD from http://support.microsoft.com/?id=555071 , but
it is very flaky and does not work most of the time.

--
In Peace,
Saqib Ali
http://www.xml-dev.com/blog/
Consensus is good, but informed dictatorship is better.


--
In Peace,
Saqib Ali
http://www.xml-dev.com/blog/
Consensus is good, but informed dictatorship is better.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Web based utility for securely changing AD password, Gary Everekyan
Next by Date:  2nd CFP: The First International Conference on Availability, Reliability and Security (AReS 2006), 20-22 April, 2006, Vienna, Austria, Manh Tho
Previous by Thread:  RE: Web based utility for securely changing AD password, Gary Everekyan
Next by Thread:  RE: Web based utility for securely changing AD password, Bates, Chris
Indexes:  [Date] [Thread] [Top] [All Lists]