> i've managed to reinstall imail v6.5 on a win 2000 system with > password changes being synchronised via the web interface and the nt > sam.
Wow, you're quite right! I reinstalled as well and found the same...well, I have to call it a bug. IADMIN behaves as expected across versions, while IWEBMSG 6 seems to offer additional functionality that was later eliminated. My guess is that the implicit delegation of NT SAM/AD DC password-changing permissions to users who are only IMail host administrators, and allowing users to change passwords without regard for MS policies, was too great of a vulnerability. Or there may actually have been bugs within the password-change routines themselves that made them non-functional in certain environments. Bear in mind that 6.x has several bugs and security holes that were not patched within that major version. > Any suggestions ?? Yikes. It seems like the protection is built into the IWEBMSG server in 7+, so you can't even tweak a template, AFAICS. -Sandy ------------------------------------ Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] ------------------------------------ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
