Discussions
Categories
Groups
Community Home
Categories
INTERNAL ENABLEMENT
POPULAR
THRUST SERVICES & TOOLS
CLOUD EDITIONS
Quick Links
MY LINKS
HELPFUL TIPS
Back to website
Home
Web CMS (TeamSite)
Reset Password from TeamSite Login Screen
PaulD
Has anyone attempted to add a button to the TS (NT/2000) login screen that allows users to reset their passwords?
Find more posts tagged with
Comments
Adam Stoller
In case you never resolved this ... (if you did, please share the information) ...
I don't think you can add buttons to the UI (at least not in a supported manner) - instead - consider using a custom menu item. I believe you could use the
Win32API::Net::UserChangePassword(
server, user, old, new
)
method - unfortunately I don't know whether it does any encrypting, nor whether you can get it to work if the user isn't actually logged into the server.
--fish
(Interwoven Senior Technical Consultant)
PaulD
No, never resolved this. I'm looking for a way for users who
forgot their passwords to have it reset (and then sent to their
email addresses) right from the login screen. It's too high
maintenance to require a helpdesk for this.
We have a change password function like the one you
suggest for our windows installations and are working on
one for our AIX installations.
Paul
Adam Stoller
'm looking for a way for users who forgot their passwords to have it reset (and then sent to their email addresses) right from the login screen. It's too high maintenance to require a helpdesk for this.
Uhm - this sounds like a
major
security hole in the making - unless you make
very
sure that the person requesting the password change is indeed the person associated with the account.
(e.g., I go in and type your userid in - and bingo - your password changes and all of a sudden you can't login in - even to read your email and find out what your password was changed to!)
Or is the AIX system only being used for TeamSite (i.e. all other accounts are windows-based? For Unix systems, you can usually set up the local password file to use a different default shell (like /bin/passwd) and provide a Perl [or other] program that performs a telnet to the server ... hmm, but that still requires that they know their existing password ...
Okay - similar to the above - you could have a setuid root script that zap's their password from the /etc/password and/or /etc/shadow file and then reassigns a randomly generated password and sends email to the associated email address.
I still think this smacks of potential problems - and that sometimes the pound of helpdesk maintenace cost is worth the expenditure over the ounce of freely run automation. Better to provide the helpdesk people with a semi-automated system for doing this and still requiring the individual to submit the request to them IMO.
--fish
(Interwoven Senior Technical Consultant)
PaulD
Yea, an assumption is that the email system is different from TeamSite. But your comment "even to read your email and find out what your password was changed to!" begs the question, can use the same userid and password for your email system? How would you keep them in sync (unless it is unix, right?) But why would you do this? Anyway, those are side questions.
Thanks a ton for your help!
Paul
