Our web application is using Windows Authenication. We use LDAP provider and Active Directory to query information about the windows account.
One of the features we are trying to implement is the ability for the web application to reset expired user account. Ideally, it will work similar to the way when you log onto your computer with a user account that has the "User must change password at
next logon" enabled, you'll see a window requesting for a new password. Furthermore, we'd like to be able to differentiate between an Expired password credential versus an invalid one provided so that we can provide them the option to reset the user's expired
password.
Is this possible under a web application using Windows Authentication for security? I've been unsuccessful in differentiating between invalid credential versus "Expired" or "User Must Change Password at Next Logon" login attempts.
Any suggestions on possible ways to implement this would be greatly appreciated. Thanks in advance.
kphan714
Member
2 Points
2 Posts
Windows Authentication and the Ability to Reset Expired Password Accounts
May 30, 2008 04:57 PM|LINK
Hi,
Our web application is using Windows Authenication. We use LDAP provider and Active Directory to query information about the windows account.
One of the features we are trying to implement is the ability for the web application to reset expired user account. Ideally, it will work similar to the way when you log onto your computer with a user account that has the "User must change password at next logon" enabled, you'll see a window requesting for a new password. Furthermore, we'd like to be able to differentiate between an Expired password credential versus an invalid one provided so that we can provide them the option to reset the user's expired password.
Is this possible under a web application using Windows Authentication for security? I've been unsuccessful in differentiating between invalid credential versus "Expired" or "User Must Change Password at Next Logon" login attempts.
Any suggestions on possible ways to implement this would be greatly appreciated. Thanks in advance.