Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Web-App-Sec
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Web based utility for securely changing AD password

from [Bates, Chris] Network Security [Permanent Link]
Subject: RE: Web based utility for securely changing AD password
Date: Wed, 23 Nov 2005 08:10:14 -0800 
Depending on you needs, you can write up a quick one in ASP.NET or
VBScript.
Shouldn't be much more then 20 to 30 lines of code.


----------------------------------------------------------------------
Chris Bates (CISSP)
Infrastructure Management Consultant
ACS Inc. (Enterprise Services; NWDC)
Chris.Bates@nwdc.net
D: 503.466.6926
C: 503.789.6064

-----Original Message-----
From: net shark [mailto:netshark@sexmagnet.com] 
Sent: Wednesday, November 23, 2005 1:28 AM
To: webappsec@securityfocus.com
Subject: RE: Web based utility for securely changing AD password

AFAIK, the correct (M$ way) to do it, is through the AD services
interface (ADSI).
I saw a simple example in the technet, sometime ago.
When making the correct calls to the ADSI, you can efectivelly change
the user's password, as long as the script is executed in the
Enterprise/domain admin security context.
However AFAIK,you cannot read the password (not even it's hash). ADSI
has specific procedures for user authentication in AD.

Alex


-----Original Message-----
From: Saqib Ali [mailto:docbook.xml@gmail.com]
Sent: 22 November 2005 18:32
To: webappsec@securityfocus.com
Subject: Fwd: Web based utility for securely changing AD password

Hello All,

This may be a little bit off-topic...  ;-)

Is anyone aware of a good web based utility that will allow users from



several domains to change their Active Directory password securely?

I tried IISADMPWD from http://support.microsoft.com/?id=555071 , but 
it is very flaky and does not work most of the time.

--
In Peace,
Saqib Ali
http://www.xml-dev.com/blog/
Consensus is good, but informed dictatorship is better.


--
In Peace,
Saqib Ali
http://www.xml-dev.com/blog/
Consensus is good, but informed dictatorship is better.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Apache mode_security, Ivan Ristic
Next by Date:  notice: mambo scanner, Serban Ghita
Previous by Thread:  RE: Web based utility for securely changing AD password, net shark
Next by Thread:  Re: Web based utility for securely changing AD password, Saqib Ali
Indexes:  [Date] [Thread] [Top] [All Lists]