As long as it's used in the right context, I don't see it being that bad. If it's on a server that's had its security evaluated, is fully patched and isn't public to the internet I don't see a huge problem with it. The method for using the Windows ASP scripts to change the password work quite well and when used with SSL only increase its security. The script is also limited in its scope with what it can do against AD. Also the ASP scripts provided by Windows don't 'connect' to AD, they only poll it and update it.
Andy Kitzke Network Engineer In-Sink-Erator -----Original Message----- From: James Harless [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 12, 2006 9:19 AM To: [email protected] Subject: Re: Adding Users via Web Interface Seems like an exceptionally bad idea to me. Connecting a webserver to AD so frivolously seems like an invitation to evil-doing. -- James Harless On 4/11/06 7:24 PM, "Crawley, Jim" <[EMAIL PROTECTED]> wrote: > I'm actually quite interested in seeing how this progresses as > well. Right now we have a mixed network and it would be great to have a > way for the end-user to change their own passwords both on the max and > on machines still connected to the netware network. > > > > > > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Sent: Wednesday, 12 April 2006 6:51 AM > To: [EMAIL PROTECTED]; [email protected] > Subject: RE: Adding Users via Web Interface > > Adam, > > What's so hard about pressing <ctrl>+<alt>+<del> and clicking the button > that says "Change Password"? It seems like opening up a web browser and > doing it at a web server is not only less secure but also quite a few > more steps! > > Steve Bostedor > http://www.bozteck.com > Bozteck President > > -----Original Message----- > From: Adam Kane [mailto:[EMAIL PROTECTED] > Sent: Tuesday, April 11, 2006 3:33 PM > To: [email protected] > Subject: Adding Users via Web Interface > > Hi all, > > Is there some kind of application I can install on my Windows 2000 > Server IIS machine to allow changing of user passwords via web > interface? This would be used on a LAN for non-savvy users (ie. sales > associates) to change passwords quickly to users on the win2k server > machine. > > Any advice is appreciated. Thanks! > > > Regards, > > Adam Kane > > > ------------------------------------------------------------------------ > --- > ------------------------------------------------------------------------ > --- > > > > ------------------------------------------------------------------------ > --- > ------------------------------------------------------------------------ > --- > > > ------------------------------------------------------------------------ --- > ------------------------------------------------------------------------ --- > ------------------------------------------------------------------------ --- ------------------------------------------------------------------------ --- --------------------------------------------------------------------------- ---------------------------------------------------------------------------
