CF8 does not "directly" provide anything new to changing an Active
Directory password.
However, you could use the .NET integration to call a .NET assembly that
would change the password.
You can maintain group membership using CFLDAP. Below are two code
snippets that will add/remove members from a group.
<cfldap
action="modify"
modifytype="add"
attributes="member=#userDistinguishedName#"
dn="CN=Group,DC=domain,DC=com"
separator="|"
server="domaincontroller"
username="username"
password="password">
<cfldap
action="modify"
modifytype="delete"
attributes="member=#userDistinguishedName#"
dn="CN=Group,DC=domain,DC=com"
separator="|"
server="domaincontroller"
username="username"
password="password">
You can use the "managedBy" attribute, of each group, to determine who
has access to modify a particular group.
M!ke
-----Original Message-----
From: Asim . [mailto:[EMAIL PROTECTED]
Sent: Friday, November 30, 2007 9:02 AM
To: CF-Talk
Subject: Re: Resetting Active Directory Password using CFLDAP ?
Is there anything new introduced in CF8 for resetting the AD password?
Any new technique is being used since this was used back in feb?
I am involve in a project where I need to give access to the users to
reset their passwords as well as add/delete the AD group permissions to
those AD users.
Any help would be highly appriciated.
thanks,
>It would be possible, but you would need to ask them something that
>only they know, other than their password. For example, "What is your
>mother's maiden name?"
>
>Of course, you would need to store that information somewhere, either
>in AD or a database. Be careful if you store it in AD, because AD can
>be queried by anyone with a domain account.
>
>Or, you can have them provide a secondary email address where all
>password reset requests would be sent. This is probably the safest
>method.
>
>I have thought about implementing this, but we don't get that many
>support calls for lost passwords, as far as I know. The next upgrade
>to our intranet will probably have this feature, however.
>
>But this would be for users who have forgotten their current password
>and wish to reset it online (on another pc) without phoning the
>helpdesk to reset it.
>
>So is this scenario possible ?
>
>
>------------ login page snippet ----------
>
><cfform method="POST" action="processing.cfm" name="Form">
>
>Windows Logon : <cfinput type="text" name="sAMAccountName" size=22
>><br> First Name : <cfinput type="text" name="givenName" size=22 ><br>
>Surname
>: <cfinput type="text" name="sn" size=22 ><br> E-Mail : <cfinput
>type="text" name="mail" size=22 ><br>
>
><input type="image" src="search.gif" border="0" style="cursor:hand"
>width="49" height="18"> </cfform>
>
>------ authenticate and processing.cfm page snippet -----------
>
><cfset StartOU="dc=domain, dc=co,dc=uk"> <cfset filter =
>"(&(objectClass=user)"> <cfif len(trim(Form.givenName))>
> <cfset filter = filter & "(givenName=*#Form.givenName#*)"> </cfif>
><cfif len(trim(Form.mail))>
> <cfset filter = filter & "(mail=*#Form.mail#*)"> </cfif> <cfif
>len(trim(Form.sn))>
> <cfset filter = filter & "(sn=*#Form.sn#*)"> </cfif>
> <cfif len(trim(Form.sAMAccountName))>
> <cfset filter = filter & "(sAMAccountName=*#Form.sAMAccountName#*)">
></cfif>
>
><cfset filter = filter & ")">
>
><cfldap action="query"
>name="adresult"
>attributes = "sAMAccountName,dn, cn,sn,givenName,password, mail,ou"
>start="#StartOU#"
>scope="subtree"
>filter="#filter#"
>server="servername"
>port="port"
>username="username"
>password="password"
>>
>
><cfset session.user = #sAMAccountName#> <cfoutput query="adresult">
>
>Hello #cn#
><br>
><cfform method="POST" action="changepassword.cfm" name="search">
><p>Enter New Password<cfinput type="text" name="password"></p>
><p>Confirm New Password<cfinput type="text" name="password1"></p>
><input type="image" src="submit.gif" border="0" style="cursor:hand"
>align="right" width="49" height="18"> </cfform>
>
></cfoutput>
>
>---------------changepassword.cfm page snippet------
>
><cfset args = "user #session.sAMAccountName()# #form.password1#
>/domain">
>
><cfsavecontent variable="results">
> <cfexecute name="c:\windows\system32\net.exe" arguments="#args#"
>timeout="10" />
></cfsavecontent>
>
><p>Your password has been changed </p>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
ColdFusion 8 - Build next generation apps
today, with easy PDF and Ajax features - download now
http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf
Archive:
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:294027
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
