powdarrmonkey Posted October 31, 2008 Posted October 31, 2008 After using some terrible middleware for allowing our librarian to reset passwords, I've finally had enough and written my own. It requires .net 2.0, and for the member of staff in question to be delegated the Change Password privelige in Active Directory. I suggest you set this only on your students OU for obvious reasons. In the config file, set your domain name and the number of characters you would like the new password to use. The application will generate a random alphanumeric password of this length. More features in the works, this is just the Q+D version to get running before term starts again. Enjoy PasswordReset.zip 3
matt40k Posted October 31, 2008 Posted October 31, 2008 Well Done. Not yet tested it. However Wishlist: > Browser users > Select OU > Reset to pre defined password (school) > Force user to change on next login > Disable user (with reason) Create user >> Look at SIMS AD Intergration \ SIMS LG2
matt40k Posted October 31, 2008 Posted October 31, 2008 I know someone who's done all that. Only problem was he hardcode the domain etc. Which isn't a bad thing, just means it's no really portable. Oh and if you could get me a Magners as well
powdarrmonkey Posted October 31, 2008 Author Posted October 31, 2008 They're all perfectly possible, I'm just as usual reluctant to bloat it... there is already stuff out there to do SIMS integration for example. This is deliberately a light, simple tool to achieve a specific task. I do have some feature plans though. Mine's an Old Speckled Hen
matt40k Posted October 31, 2008 Posted October 31, 2008 (edited) Lol, K. Might try it myself later What are your plans? Have you tried reseting a staff password, you shouldn't be able to, as you don't have permission, but it'll be interesting to see how it errors. Lol.... reminds me of Wisbech, just waiting for someone to ask for either black dog, cambridge, golden newt or greyhound!! Edited October 31, 2008 by matt40k Brainache
powdarrmonkey Posted October 31, 2008 Author Posted October 31, 2008 This is how bored I am today: more features for ResetPassword. There's an extra DefaultPassword field to set in the config file. You can now choose to use this password, a random one, or specify one at runtime when resetting a user.PasswordReset.exe.zip
maniac Posted October 31, 2008 Posted October 31, 2008 @powdarrmonkey If you would like the source code for the simelar program I wrote recently to combine into yours to make one 'super' password changer, then let me know. Mine was very tied down to a particular username pattern, but it did have a plus feature that it browsed the directory and displayed a list of usernames rather than the user having to type the username in. You managed to crack what I could never get working in VB.Net, which is reading and writing settings from a config file, which is why I never developed mine any further. The program I wrote is here http://www.edugeek.net/forums/windows/23952-easy-password-reset-software.html Mike. 1
powdarrmonkey Posted October 31, 2008 Author Posted October 31, 2008 Sure, it's C# but I daresay I can translate from VB
FN-GM Posted November 1, 2008 Posted November 1, 2008 Looks good, i will give that a go when i get back to work
Gatt Posted November 1, 2008 Posted November 1, 2008 Already using Wisesoft's Password Control, though yet to suss out how to allow Win2008 to delgate the "Unlock Account" control to staff?? If powdarrmonkey's does this then I may be tempted to switch!
GrumbleDook Posted November 1, 2008 Posted November 1, 2008 If you are looking at a wider ranging tool then I would suggest you have a look through Thomas Eck's book ADSI scripting for Windows 2000. Still quite relevant for 2003 and 2008, but for coders it is a way of designing some spot on admin tools. @powdermonkey : In fact, if you are interested I am pretty sure I have a spare copy somewhere if I haven't already lent it out. The other option is to look at Scripting where there are some handy chunks of code. I used to subscribe to winscriptingsolutions.com which is now part of the above site.
powdarrmonkey Posted November 2, 2008 Author Posted November 2, 2008 @gatt: does this work in Server 2008? If so, I'll write the interface for you. (I presume you mean the attack-deflecting lockout, rather than a disabled account. Either is possible though.) 1
Gatt Posted November 2, 2008 Posted November 2, 2008 Thanks powdarrmonkey, will try that tomorrow - yeah its the attack-deflecting lockout i need to delgate..
TriggerHappyUK Posted July 7, 2010 Posted July 7, 2010 This is how bored I am today: more features for ResetPassword. There's an extra DefaultPassword field to set in the config file. You can now choose to use this password, a random one, or specify one at runtime when resetting a user. Hi, This is almost exactly what I am looking for. Is there any way that there could be an option to force a password change at next logon? Cheers, Chris.
powdarrmonkey Posted July 7, 2010 Author Posted July 7, 2010 I had forgotten I'd even written this.... I will dig out the source some time and see what I can do for you.
TriggerHappyUK Posted July 8, 2010 Posted July 8, 2010 I had forgotten I'd even written this.... I will dig out the source some time and see what I can do for you. Excellent... Cheers for the help. Chris.
kili Posted July 8, 2010 Posted July 8, 2010 You can install the Microsoft server 2003 AD tools on a workstation. Then make the librarian a member of the account operators group in AD and she can do all the password changes she wants with out doing any damage in AD and no special tools needed.
powdarrmonkey Posted July 8, 2010 Author Posted July 8, 2010 You can install the Microsoft server 2003 AD tools on a workstation. Then make the librarian a member of the account operators group in AD and she can do all the password changes she wants with out doing any damage in AD and no special tools needed. Yes you can, but granting account operators gives other undesirable rights and complexity. This tool is designed to be foolproof (well, easy anyway).
kili Posted July 8, 2010 Posted July 8, 2010 Yes you can, but granting account operators gives other undesirable rights and complexity. This tool is designed to be foolproof (well, easy anyway). You can use delegation so they only have access to the OU you've given them access to manage cant you?
powdarrmonkey Posted July 8, 2010 Author Posted July 8, 2010 You can use delegation so they only have access to the OU you've given them access to manage cant you? Sure, but I still don't want somebody unlocking accounts that I've locked for a reason, for example.
kili Posted July 8, 2010 Posted July 8, 2010 Sure, but I still don't want somebody unlocking accounts that I've locked for a reason, for example. Good luck with that
kili Posted July 9, 2010 Posted July 9, 2010 And your point is? My point. I'm not making a point merly wishing you good luck with your endevaours.
mac_shinobi Posted July 9, 2010 Posted July 9, 2010 Something like the password util from wisesoft ?? http://wisesoft.co.uk/software/passwordcontrol/default.aspx
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now