iisadmpwd questions
in [IIS]
|
Prev: ServerManager object not working on Windows Server 2008
Next: IIS 6.0 and SQL Express 2005: Change Database (DEV -> PROD)
From: wildgoosed on 1 Dec 2009 13:10 Hey everyone, this is my first post to this group. Nice to see that it is pretty active. A little background information before I present my problem. I have a large user base that primarily uses outlook web access. They do not have access to workstations on our domain. We are running a Windows server 2008 domain with Exchange 2007. Our password policy is setup to expire passwords after 60 days. For our domain users at the office this is no problem. When they login windows directs them to a password change screen and they can update their password. For my OWA users this is not the case. If they do not listen to the password expiry warnings, they are simply unable to authenticate and login after the 60 days. Funny users :) According to the follow article ( http://msexchangeteam.com/archive/2008/12/09/450238.aspx ) the only ways to allow OWA users to update expired passwords are: a) Use ISA server ( which we do not have ) b) To use IIS 6 iisadmpwd. I do have a Windows Server 2003 box around running IIS 6 so I am very interested in this approach. I have a few questions I was hoping could get answered. I tried googling around the best I could before posting here. 1) It seems that there are several ASP scripts with this iisadmpwd site. A script for changing a users password, a Script for changing a users password that has already expired ect. Should I build a default page that guides the users to the appropriate script, depending on the situation? 2) I thinking that I am going to have to allow anonymous access to this site as the users can't authenticate. Is that correct? 3) Is there a better way to provide this setup? I am I missing anything ?
From: wildgoosed on 2 Dec 2009 17:29 I first created a default page guiding each visitor to the specific script they needed, but then I realized that the aexp3.asp will change passwords that have and have not expired. Best of both worlds. Is anyone still using IISADMPWD is a similar fashion ? On Dec 1, 11:10 am, wildgoosed <david.wildgo...(a)gmail.com> wrote: > Hey everyone, this is my first post to this group. Nice to see that it > is pretty active. > > A little background information before I present my problem. > > I have a large user base that primarily uses outlook web access. They > do not have access to workstations on our domain. We are running a > Windows server 2008 domain with Exchange 2007. > > Our password policy is setup to expire passwords after 60 days. For > our domain users at the office this is no problem. When they login > windows directs them to a password change screen and they can update > their password. > > For my OWA users this is not the case. If they do not listen to the > password expiry warnings, they are simply unable to authenticate and > login after the 60 days. Funny users :) > > According to the follow article (http://msexchangeteam.com/archive/2008/12/09/450238.aspx > ) the only ways to allow OWA users to update expired passwords are: > > a) Use ISA server ( which we do not have ) > b) To use IIS 6 iisadmpwd. > > I do have a Windows Server 2003 box around running IIS 6 so I am very > interested in this approach. > > I have a few questions I was hoping could get answered. I tried > googling around the best I could before posting here. > > 1) It seems that there are several ASP scripts with this iisadmpwd > site. A script for changing a users password, a Script for changing a > users password that has already expired ect. Should I build a default > page that guides the users to the appropriate script, depending on the > situation? > > 2) I thinking that I am going to have to allow anonymous access to > this site as the users can't authenticate. Is that correct? > > 3) Is there a better way to provide this setup? I am I missing > anything ?
From: Jeffrey Ingalls on 2 Dec 2009 20:01
Good job. I used to use this page for a way for external people on a trusted VPN to reset their account passwords. The only thing special I did was to populate the domain name so that people weren't confused on what to enter. All the best, Jeffrey Ingalls "wildgoosed" wrote: > I first created a default page guiding each visitor to the specific > script they needed, but then I realized that the aexp3.asp will change > passwords that have and have not expired. Best of both worlds. > > Is anyone still using IISADMPWD is a similar fashion ? > > > On Dec 1, 11:10 am, wildgoosed <david.wildgo...(a)gmail.com> wrote: > > Hey everyone, this is my first post to this group. Nice to see that it > > is pretty active. > > > > A little background information before I present my problem. > > > > I have a large user base that primarily uses outlook web access. They > > do not have access to workstations on our domain. We are running a > > Windows server 2008 domain with Exchange 2007. > > > > Our password policy is setup to expire passwords after 60 days. For > > our domain users at the office this is no problem. When they login > > windows directs them to a password change screen and they can update > > their password. > > > > For my OWA users this is not the case. If they do not listen to the > > password expiry warnings, they are simply unable to authenticate and > > login after the 60 days. Funny users :) > > > > According to the follow article (http://msexchangeteam.com/archive/2008/12/09/450238.aspx > > ) the only ways to allow OWA users to update expired passwords are: > > > > a) Use ISA server ( which we do not have ) > > b) To use IIS 6 iisadmpwd. > > > > I do have a Windows Server 2003 box around running IIS 6 so I am very > > interested in this approach. > > > > I have a few questions I was hoping could get answered. I tried > > googling around the best I could before posting here. > > > > 1) It seems that there are several ASP scripts with this iisadmpwd > > site. A script for changing a users password, a Script for changing a > > users password that has already expired ect. Should I build a default > > page that guides the users to the appropriate script, depending on the > > situation? > > > > 2) I thinking that I am going to have to allow anonymous access to > > this site as the users can't authenticate. Is that correct? > > > > 3) Is there a better way to provide this setup? I am I missing > > anything ? > > . > |