Active Directory Password Change Web/IIS

There is a new version available for this tool, you can find more information here!

The following simple website/tool allows a user to change her or his password even when the password is expired or when the administrator enabled “change on next logon”. This is a replacement for the IISADMPWD. You need .net 4.0 and IIS to run this. I use this website at a client i work for who has federated users in office 365. In this case, it is not possible to change a password via portal.microsoftonline.com. I also wrote a powershell script which sends an email every day to every user which has a password which is about to expire. In the email i include the link to this website.

Configuration can be done via web.config and needs 5 settings:

  • Domain: internal domain name of the Active Directory
  • SearchString: Where to look for the users
  • Username: Username with permissions to set, expire and unexpire user passwords
  • Password: Password for this user
  • PasswordExpiresInDays: Provide in how many days the password expires in AD. Used to calculate if the user password is expired.

PasswordChangerWebScreenshot1

You can find a zip with the solution here. The source code here.

[coinwidget address=”1GXAYiCyBg479o1wFMRjUYP2xPCMxhZUTH” currency=”bitcoin” counter=”count” alignment=”al” qrcode=”true” auto_show=”false” lbl_button=”Donate” lbl_address=”Donate” lbl_count=”Donate” lbl_amount=”$$$”] [coinwidget address=”LXp1gpZFus6PpmqDt2izsxGi8yHjdPwMdj” currency=”litecoin” counter=”count” alignment=”al” qrcode=”true” auto_show=”false” lbl_button=”Donate” lbl_address=”Donate” lbl_count=”Donate” lbl_amount=”$$$”]

23 Responses to Active Directory Password Change Web/IIS

  1. Devendiran says:

    Hi,

    This is working fine. Could you please give me source code to convert the language.

    thanks

    Deva

  2. JSCCTech says:

    Thanks for this great tool! I tried to submit a question on your Contact page, but the CAPTCHA is blocking me. We’d also like to see the source code. Is there a way to encrypt or otherwise hide the password in the web.config file? -Joseph

    • Luke says:

      I have e-mailed you the source code. You can embed the username/password in the code instead of in the web.config. But if someone do-compiles the code it would still be visible. I have no idea for a encrypted solution at the moment.

  3. Markus says:

    Great tool, it works like a charm!
    Could you send me the source code, too?
    I would like to embed user/password and have a go at obfuscation…
    Thanks,
    Markus
    PS. the captcha did not work for me either…

  4. Zachary says:

    Awesome tool that i search for a long time to help user to change password through web.
    Could you send me source code?

    Thanks in advance,
    Zachary

  5. Esteban S says:

    Very good tool,

    Might I send you the source code?

  6. BobDeBuilder says:

    Hi, Cool application! Can you send me the source code?

  7. Mickey says:

    Fantastic tool.

    My I have a source code to change language, please

  8. John D. says:

    Hi,

    This is a great solution for federated users. Can you send me the source code to change language and add a dirSync script portion to launch a sync after the password changed.

    Thanks.

    Regards,

    John.

  9. Bojan B. says:

    Great solution. Can you share the source code with me, so I can translate it to Serbian.

  10. Gelier Moreno says:

    Great solution. Can you share the source code with me?

    Thanks,

    Gelier Moreno.

  11. Marcin says:

    Hello, I was looking for such tool for a very long time. Can I also request a source code? Thanks!
    Marcin

  12. Tuukka says:

    Hey!

    Nice app can you give source code? I am lookin this kind page long time after office 365 released.

  13. Parin Thaker says:

    Can you send me source code?

  14. Parin Thaker says:

    Hi,

    Your work is excellent. it showing unhandled exception when using first name or last name in password. if you can share source code. I would like to refine this code. my gentle request to share source code.

    Thank you for such great efforts and sharing your knowledge.

    -Parin Thaker-

  15. Tim Atwood says:

    Thank you for sharing your product. I’ve been on the search for an online password changer for a while now that wasn’t out of this world difficult to get going. With in 10 minutes got it working like a charm.

    Thanks again!

    Tim Atwood

  16. Nigel says:

    Hi Luke.

    Great tool. Could you possibly change it (or advise) to support local Windows accounts – I have tried with the web.config, but I am guessing the directory provider is looking for an LDAP connection?

    Many thanks.

    Nigel

  17. Patrick COURBY says:

    Hi,

    This utility work very well. It is possible to send me the source code because i am french and i want change all message in french language.

    Excuse me for my English

    thanks

    Patrick

  18. Johannes Bruhne says:

    Hmm, does not work on 2008 R2, IIS 7.5.7600.16385

    Password was not changed! Error: Exception has been thrown by the target of an invocation., at System.DirectoryServices.DirectoryEntry.Invoke(String methodName, Object[] args) at System.DirectoryServices.AccountManagement.SDSUtils.SetPassword(DirectoryEntry de, String newPassword) at System.DirectoryServices.AccountManagement.ADStoreCtx.SetPassword(AuthenticablePrincipal p, String newPassword) at PasswordChangerWEB._default.btnSubmit_Click(Object sender, EventArgs e), System.UnauthorizedAccessException: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))

  19. Mehmet Cakoglu says:

    http://www.tuser.nl/wp-content/uploads/2015/03/PasswordChangerWEB-Org.zip code download address not working, could you please update?

  20. ruben says:

    This is a very good script. I’m now rinning it in a windows server 2016. a few notes of advise: if you get: Exception from HRESULT: 0x80070005 (E_ACCESSDENIED) try entering the username (Username: Username with permissions to set, expire and unexpire user passwords) as domain/username. This username has to have the relevant permissions in the active directory, that in my case is a member of the build in administrators account.

Leave a Reply

Your email address will not be published. Required fields are marked *