+ Post New Thread
Results 1 to 8 of 8
Windows Server 2008 R2 Thread, Change AD password - Self Service? in Technical; Hi, We run a BYOD device school running mainly Macs. We are trying to centralize our usernames and passwords via ...
  1. #1

    Join Date
    May 2008
    Location
    Thailand
    Posts
    13
    Thank Post
    1
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Change AD password - Self Service?

    Hi,

    We run a BYOD device school running mainly Macs. We are trying to centralize our usernames and passwords via AD. I have managed to get AD to connect to our systems (Moodle, Curriculum Mapping, Wiki's and internet filtering). The only problem I have is that people can't change their AD password on there own. I see there are commercial solutions out there but they are pretty expensive. I know on Mac server there is a website you can change it at.

    Anyone got any ideas on how to best do this at minimal cost?

    Cheers,

  2. #2

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,940
    Thank Post
    886
    Thanked 1,693 Times in 1,472 Posts
    Blog Entries
    12
    Rep Power
    447

  3. #3

    Join Date
    May 2008
    Location
    Thailand
    Posts
    13
    Thank Post
    1
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Cheers, I did do a search but didn't come up with anything..... didn't know what to search I guess. Will get the tech guys to have a look and see what they think.

    Anyone got reasonably priced commercial software that is decent? We are in Thailand and it is sometimes easier to buy than do in house as our guys can't support it.

    Cheers

  4. #4
    rh91uk's Avatar
    Join Date
    Sep 2008
    Location
    UK
    Posts
    877
    Thank Post
    137
    Thanked 132 Times in 114 Posts
    Rep Power
    36

  5. #5

    Join Date
    Dec 2011
    Posts
    1
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Are you basically looking for some sort of web based solution that will allow your users to punch their AD username and password into a website and then be able to reset their password? If so it can be done through LDAP via SSL, can be a bit fiddly as you need to have your server setup to generate CA certificates but the actual website / page itself shouldn't be too difficult to script, I do have some LDAP PHP scripts somewhere so I will have a look and see if I can get a simple login and reset your password utility up and running.

  6. #6

    Join Date
    Sep 2012
    Location
    San Diego
    Posts
    2
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Quote Originally Posted by boombah View Post
    Hi,

    We run a BYOD device school running mainly Macs. We are trying to centralize our usernames and passwords via AD. I have managed to get AD to connect to our systems (Moodle, Curriculum Mapping, Wiki's and internet filtering). The only problem I have is that people can't change their AD password on there own. I see there are commercial solutions out there but they are pretty expensive. I know on Mac server there is a website you can change it at.

    Anyone got any ideas on how to best do this at minimal cost?

    Cheers,
    Hello Boombah- I'm a longtime lurker and 1st time poster. I would like to suggest looking at Password Reset PRO from www.sysoptools.com - We run IT at a few EDU campuses and this web based self service tool works very well. We found out about it from another EDU IT shop that uses it. It is secure for extranet (public) access deployment, completely customizable (make your own look / feel), super easy to deploy, has provision for HA/DR, supports mobile device access (iphone, BB, WM, android) and any browser (IE, Safari, Opera, Chrome etc). It is enterprise class but has a very low price point. Sure you can use IISADMPWD but it is only marginally functional- e.g. it will not help with expired, lost or forgotten paswords or locked out accounts. For that you need a more robust solution.

    Unfortunately, most purchasable products of this type are not secure for extranet deployment and will have you do things like run the actual self service website process with domain admin privs, and it must be installed on a domain member server. Also there will be flaky features like a central admin (keys to the kingdom) page directly in the self service portal itself, and you'll probably have to run some sort of SQL or MySql database. All make for a very risky system to publish externally, and you do not want to open up a security hole in your extranet. You also want something extremely bulletproof and reliable!

    We literallty looked at 20 different solutions and the Password Reset PRO was the only one that passed all tests and criteria - For example, the web based portion resides on a non-domain IIS web server in a DMZ away from the internal domain, has no domain credentials, and you manage it just like any regular IIS website. There is an internal portion that has the credentials and it is installed separately from the web site safe inside the LAN. Very cool. We also like Hitachi's "Hitachi ID" but it was much more expensive and we did not need all of the SSO options for connecting various types of systems. Plus it still required running the self service site process with domain credentials. FOSE is also worth looking at and most EDUs can get it cheap, but the self service portion is not as flexible or feature rich as Reset PRO especially in a "BYOD" environment - which is actually very common these days.


    Anyway good luck and hope this helps.

  7. #7

    mac_shinobi's Avatar
    Join Date
    Aug 2005
    Posts
    9,756
    Thank Post
    3,265
    Thanked 1,052 Times in 973 Posts
    Rep Power
    365
    There is also the password utility from wisesoft ( www.wisesoft.co.uk ) and also burconix : http://www.burconix.com/?p=software-...ords-free-tool

    previous post here :

    Free self-service password resets for students or teachers?

    There are other previous posts where some on here have made there own utils however I did find this and there appears to be some others on google code :

    pwm - Open Source Password Self Service for LDAP directories - Google Project Hosting



  8. #8
    p858snake's Avatar
    Join Date
    Dec 2008
    Location
    Queensland
    Posts
    1,490
    Thank Post
    37
    Thanked 175 Times in 151 Posts
    Blog Entries
    2
    Rep Power
    51
    Do you use exchange for your email? The newer OWA supports this afaik.

SHARE:
+ Post New Thread

Similar Threads

  1. Self Service Password Reset
    By plexer in forum EduGeek Self Service Password Reset
    Replies: 273
    Last Post: 5th November 2013, 06:51 PM
  2. Users cannot change AD passwords from Macs
    By sidewinder in forum Mac
    Replies: 7
    Last Post: 3rd October 2011, 05:33 PM
  3. Replies: 1
    Last Post: 23rd November 2010, 06:49 PM
  4. Self Service Password Reset
    By rh91uk in forum Virtual Learning Platforms
    Replies: 1
    Last Post: 8th June 2010, 10:30 AM
  5. oracle self service password reset
    By LCPSWolf in forum Coding
    Replies: 4
    Last Post: 8th October 2009, 07:43 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •