I am using the ADSI objects to retrieve groups and users informations. If possible, how can I retrieve the user password? I've search in Microsoft.com but I find only the SetPassword function (that of course changes the user password).
I am looking at the ability for a user on my website to add/remove/edit windows user accounts, thus controlling access to my website. I have integrated windows authentication checked on the website and unchecked anon access in IIS, so I am always asked for a username and password.
I have seen some ADSI scripts that I can use in my ASP pages to manipulate local user accounts. However, when I try and use these they dont work as I need to have admin rights. Of course I don't wish to add the user to the admin group for security reasons.... Anyone have a code snippet to do this?
I want to be able to log in a database any transactions my users perform. For example logging in, requesting a page, downloading a resource, logging out etc.
What is the most practical way to code this? I was thinking of trying to use an include file which would have a function to add a log in the database for each page on the site or when a particular action is performed.
I've create a log in page connecting to a database that stores its passwords in MD5. Can someone point me in the right direction on how I can get my login page to recognize those passwords? Here's the code I'm using: Code:
i have the following code to check if two password fields submitted equal each other. If they do then passwordok = 1 else it = 0. No matter that i put in the two fields it always = 0. can anyone see whats wrong? Code:
Can anyone tell me how to apply a password to an Access database and then open the database with ASP. I know how to do this without the password, but have not been able to make the password work.
In my access database i have 2 tables called seceret question and secret answer. I would like to provide users with thier passwords without using emails. There would be a screen where they can enter thier username, secret answer then thier password will be displayed on the screen. Or alternatively they could just enter thier username and thier password
Can someone help me with creating a password in asp? i know how to create a password for a single user, so how would you create one for multiple users? also i want to know how it is stored in a database, e.g. MS Access
I made a website for my work and we have it secure to where you have to login when you come to the site. But for some reason when you use the check box to SAVE PASSWORD it will not save the password.
So each time a client comes back to the site they have to put thier password in (and they arent happy about it) Just wondering if there is a setting I can turn off or turn on to enable the passwords to be saved.
I have an access dbase that holds and an expiry date. I need to compare the expiry date with the current date and if it is later than the current date it will allow access (if the username password is correct of course)otherwise it will display an error message saying that membership has expired.
what is the best way to create secure passwords in a database. I have a login system that can create users but it saves the users passwords in clear text. how would i go about doing this so if people look in the database they will not know the password.
I'm working in ASP (not ASP.NET), and want to create a user database, with username and password. Though it isn't really necessary, since the program will be used on an intranet and by few people, I'd like to have the passwords stored and compared as hash values, for extra security.
However, I'm having trouble finding out how to do hashes in ASP. All the exampes I'm finding are for ASP.NET (and, no, I can't upgrade.) What function(s) would I use for hashing in ASP? Can it even be done?
What I want is to have a user log on with a username/password which I give to them. When they type it in I want it to direct them towards a specific form for them.
What I am doing is running a soccer league. so I want a team to be able to log in and then show up a form where they can enter stats from their game, and about their players which will go into a database. I am unsure how to go about having a different form show up for different users.
we are developing an intranet application(web based)which needs to detect the logged in user ID of the user hitting the website.the intranet is huge and based on win2k active directory(around 20-30 different domains)with 25K+ users.i dont want to use "NT challenge response" for this pupose.
I am exploring ways using ADSI and WMI to query the Active directory by using the IP address in the incoming web request and trying to figure out the user ID logged into that machine how is it possible?
But instead of the absolute I want to set it up for a share on another computer with the path jotts2cinetpubwwwroot & userName . With the login Credentals of username admin password admin <<Just example. If everyone is like eh'. Free hosting to the person that figures it out.
I have found some code that authenticates users agains a domain using ADSI. I then redirect to another page and pass the username they have entered as a string. However, it would be nice to also get their full name from Active Directory once authenticated. Can anyone suggest how I may modify this code to achieve this? I would also like to pass their full name to the next page as a string. The code I found: Code:
does anyone know of any good tutorials on how to get a login and password checker.
basically ive got a home page with forms to log in and give password which get sent to an asp page i then need to check that username and password with the relevent one in the database or check if they are wrong or do not exist.
I have a requirement to enforce strong passwords from a customer, and I can only assume they won't be the last to ask for it.
Does anyone have any pointers for handling complex passwords? In this particular case I need to enforce.
between 6 and 16 Case Sensitive AlphaNumerics with at least one non-AlphaNumeric character. min and max I've got, but I'm not sure where to go with the rest.
I'm trying to create a MySQL table for users in a Drupal install (as I've accidentally deleted it).
So, i go through my existing tblContacts and write out Firstname, Lastname, email, password, etc., formatted for MySQL.
Everything goes perfect UNTIL i try to MD5 hash the password (via the included MD5_js.asp): for some reason, it is returning the same hash for every user. If the hash function is not applied, each users unique password appears as normal. Code:
We have a web application where we want a user to be able to change his/her password if the password has expired but we are unable to do this with ASP at the moment because we can't log the user into the database without a valid password.
We do not want to store any "admin" user info to connect to the database to change the users password for security issues.Does anyone have any ideas of how we could go about doing this?
I need to tighten up security on my page... only thing is, I can't change file permissions. I have databases and normal files (.dat) that I don't want someone to be able to just type the URL to and be able to get into it all. For example, I have a database with usernames and passwords, but if someone found out/guessed the URL of the DB then they could open it all.
how can I use Encrypt in Access so that if someone guessed the URL then they couldn't just open it? Basically, I know how to do that in Access... but what I don't know is what code to add to my ASP pages to decrypt/un-password protect it so I can open it. If it is possible to stop someone from having access to a file by just using global.asa.
I know this isn't the best group to ask this in - but I also know a lot of you have experience with this kind of stuff I'm going to be creating a site where customers will be able to set up their own sub-site (ie. www.mysite.com/theirsubsite). I'll need to be able to create virtual directories on-the-fly, so I plan on using ADSI to accomplish this. My question is - what are my options when it comes to permissions? Will I need to give the IUSR account admin permissions to create these directories, or is there some way to impersonate an admin account on the script creating the directories? Has anyone dealt with this before?
Has anyone ever experienced any problems authenticating with an ADSI application where after so long it stops responding. I can not track down what is causing the problem. I have a login page that uses the following code. This is running on a windows 2003 domain controller currently. If I put it on a windows 2000 member server I get this error way more often.
Dim oADsObject Set oADsObject = GetObject(strADsPath) Dim strADsNamespace Dim oADsNamespace strADsNamespace = left(strADsPath, instr(strADsPath, ":")) set oADsNamespace = GetObject(strADsNamespace) Set oADsObject = oADsNamespace.OpenDSObject(strADsPath, strUserName, strPassword, 1)
It authenticates fine, but after so long the login page stops working. If I restart the application pool the page starts to work again. I have a volume of about 500-700 users authenticated at any given time. Should I be authenticating a different way?
how (or if it's even possible) to cache the results of an ADSI call in asp for a longer period of time. Basically what I am doing is I have a website that loads the 'full name' of the user that logs into it. Once the user full nam ehas been retreived (using adsi) the user can reload the page and it appears to just check a cached version of the request (since the page loads very fast).
If however the user waits a bit longer (maybe 5 min) and reloads the page it will take upto 4 secs to load the page (since the adsi call is being resubmitted). Is there anyway to increase the length of time that adsi info is cached?
I have a ASP/vbscript program that generates random passwords. The problem is I need to insert those passwords into an Access database of 327 clients. I have the random password program generating the 327 passwords, but have had no luck inserting them. Code:
First the brief: I'm currently developing an intranet at work. We have approximately 3000 users and they keep forgetting their passwords. We have 3 Tech-Support guys who keep having to reset them. The idea was to build a function in to the intranet to allow department heads to be able to reset other users passwords via asp.
All well and good. After a fair bit of reading, I've acquainted myself with the basics of talking to Active Directory and retrieving various objects, properties and values.
My problem is that when I try to update any of the objects (i'm focusing on the .description property at the moment 'cos when I break it - that's not gonna matter so much) But when I try and SetInfo, I get a General Access Error. My ServerVariables("LOGON_NAME") is empty. I was wondering if there was a way to force an asp page to run as the server administrator 'cos obviously when department heads login, we don't want all of them to be AD Admins. All they should be able to do is run my script to reset a password.
I'm not actually the server admin, and don't really know the specifics of IIS, but can I just tell it to run specific scripts as domainadmin? Or can I pass something in the asp headers to force it to authenticate as admin?
In the intranet system I'm building I need to draw information about Staff and integrate it into Department pages, and make it accessible via querystrings (so users can search for names). I've asked my IT department how to do this and they basically said "ask the internet"
So, if I want to access such information, where do I start? I cant find any tutorials that answer my questions, and feel a bit out of my depth regarding what I'm even meant to be asking. So basically... help! What's should be my plan of action!
I need to :
A) draw names, phone numbers, email addresses to show on relevant department pages.
B) Make a facility to search staff names to bring up similar information.