Page 3 - Modifying Active Directory passwords through PHP and IIS

Yep you're on track, I currently use openLdap but I imagin that AD works the same. First I connect with auth account and verify that the username exists then I attemp to log in as the user if it sucesseds then I use it. The double connection is for security purposes to make sure it is a vaild user.

Your shameless advertising worked - I am now hosting introspected.com with custom monster. What affiliation do you have with them? I've been pretty happy so far..

He's a friend of mine I don't have a site so I asked him if he wanted me to put his site there. He does great work and it is a great hosting company glad you like it.

I've learned a lot from this site so i've decided to give my advice on how ma AD Admin Frontend works!
I still can't get the Password changed, but that will come in time!



Here is the code i use to authenticate via Active Directory



One question, does the CA need to be the Server that Ldap is on?
i've got it a standalone given server & client certificates to the webserver!

From the information that I have it can be on a separate server.

Some of you guys are missing the point - I can authenticate to Active Directory, which is easy (as some of you have proven). What I need to do is modify the user password in Active Directory. I know it can be done - Microsoft says it can, but how?

I think I'm gonna try bwhaley's idea on the first page of this thread: he wrote a Perl script that may work (I have yet to try it). I'll let you know how it goes... vbmenu_register("postmenu_663070", true);

Okay, I tried it, but it isn't going to be easy. I have Perl v5.8.2 on Windows Server 2003, which works fine. I needed to install Net::SSLeay, among others, but it would not compile. First, I got an error from CPAN saying it could not find command 'cl', so I installed Microsoft Visual Studio .NET (something I was reluctant to do on a server, but I needed the compiler). I also installed the Windows version of Open SSL, which CPAN needed to compile NET::SSLeay. I also needed IO::Socket::SSL, and I think that installed.

Anyway, to make a long story short, I couldn't get all the required Perl modules installed to make bwhaley's script work. Anyone else? It seems like the moons have misaligned and something doesn't want me to intermingle PHP and Active Directory.

Matthew i was answering someone elses post (about user authentication via AD..
anyway

I have resetted a users Password in Active Directory from my web interface
it's quite simple but it involves
creating a file on the server then useing PHP to call ldifde
which is what actualy changes the password,
i'm not finnished it yet but once i have i'll post for everyone to see!

Oh, okay - just making sure the thread didn't go that direction .

I'm watchin' this thread hard, so if you post a solution, you can bet I'll be trying it out...

Sorry for the troubles Matthew.. please note that I didn't write the script, I put a link to the site where somebody did. Don't want to take credit for what isn't mine . Also, it is meant to work for *nix, I'm not sure if Net::SSLeay will work with ActiveState Perl..

Where was I when this was posted? Did anyone try it? I'm gonna try it...

Read this thread onward. If you can get it working that'd be great.