« Previous Next »

• 11-03-2009, 5:50 AM

  aacable Joined on 11-03-2009, 10:45 AM Posts 2

  IISADMPWD , Security Issue: any user can change other user password Reply Contact Hi, I am using IIS6 / iisadmpwd module  to give user option to change there password via web. But the issue is that any user can change other user password , for example John can change smith's password if he knows his password. (In our orgnaization, we have one common password for all users) How to restrict users to change there account password only ?   Regard's Syed Jahanzaib N.A.E.i http://www.nae.com.pk

  Tags: iiswindows 2003active directoryiisadpwd

• 11-03-2009, 6:13 AM

  In reply to

  qbernard Joined on 03-26-2003, 2:12 AM Malaysia Posts 3,252	Re: IISADMPWD , Security Issue: any user can change other user password Reply Contact This is not technology flaws when implemented wrongly, right? Same deal - If I have the key to your house, you can't really stop me from entering your house. In this case, don't share user's password to others. Cheers, Bernard Cheah

• 11-03-2009, 10:46 AM

  In reply to

  tomkmvp Joined on 03-20-2003, 10:27 AM Central NJ Posts 6,254	Re: IISADMPWD , Security Issue: any user can change other user password Reply Contact aacable: How to restrict users to change there account password only ? Don't share passwords. Tom Kaminski IIS MVP http://mvp.support.microsoft.com/ http://blogs.iis.net/tomkmvp/ http://www.linkedin.com/pub/8/690/408 http://www.bluesrepublic.org/

• 11-04-2009, 12:54 AM

  In reply to

  aacable Joined on 11-03-2009, 10:45 AM Posts 2	Re: IISADMPWD , Security Issue: any user can change other user password Reply Contact so any workaround ? how can i provide user a web base option to change there password ?

• 11-04-2009, 2:33 AM

  In reply to

  qbernard Joined on 03-26-2003, 2:12 AM Malaysia Posts 3,252	Re: IISADMPWD , Security Issue: any user can change other user password Reply Contact Err.. even you get a new web app to help you change the password for free, you still have the issue coz the password is shared. Cheers, Bernard Cheah

• 11-04-2009, 1:19 PM

  In reply to

  tomkmvp Joined on 03-20-2003, 10:27 AM Central NJ Posts 6,254	Re: IISADMPWD , Security Issue: any user can change other user password Reply Contact aacable: so any workaround ?  Stop using one common password for all users. Tom Kaminski IIS MVP http://mvp.support.microsoft.com/ http://blogs.iis.net/tomkmvp/ http://www.linkedin.com/pub/8/690/408 http://www.bluesrepublic.org/