Re: Password retrieval app

From: Brandon McCombs <none@xxxxxxxx>
Date: Sat, 31 Mar 2007 02:04:42 -0400

al.softdev@xxxxxxxxx wrote:

Hello,

I would like to create an online app where if the user (has account on
AD) has forgotten the password, can reset the password and that will
send a link to their email address to reset this temporary password.
This is almost similar to the password reset emails that we receive
from most of the online sites now.

Can someone guide me where I need to start? Anywhere from links to
ideas would be helpful

You need to use JNDI to access the ADS LDAP database, however setting/resetting a password in ADS is only allowed through a SSL connection. That is just something that it enforces so you can't get around it (at least in this case they have high security).

Here is some of the code I use to do the password preparation and actual modification work:

public byte[] processPassword(String pass) {
String newQuotedPassword = "\"" + pass + "\"";
try {
return newQuotedPassword.getBytes("UTF-16LE");
} catch (UnsupportedEncodingException Ex) {
LDAPMgr.mesgBar.setText(" Error encoding
password to unicode: " + Ex.getMessage(),
AlertStatus.ERROR);
return null;
}
}

public void setPassword(String dn, String pass) throws Exception {
ModificationItem[] mods = new ModificationItem[1];
byte[] newUnicodePassword = processPassword(pass);
mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
new BasicAttribute("unicodePwd", newUnicodePassword));
ctx.modifyAttributes(new LdapName(dn), mods);
}

You will need to setup your InitialLdapContext object by authenticating as some type of administrative user which will be used to set the user's password on the user's behalf (an SSL cert. must be created for that user so the SSL handshake can be made).

If you need further help let me know. I've created an LDAP application that allows various operations to be performed to ADS as well as other directory servers so I know the pitfalls you may run into.
.

References:
- Password retrieval app
  - From: al . softdev

Prev by Date: Re: Newbie Question: Problem with Tomcat and MySql
Next by Date: Re: Networking works from computer A to computer B, but not vice versa ?!?
Previous by thread: Password retrieval app
Next by thread: Weblogic 8 to 9 conversion
Index(es):
- Date
- Thread

Relevant Pages

Re: User search in ADS Snap-in
... > I have a Windows 2003 ADS with a lot of OUs and sub OUs in which all the ... > Search for the user ID in the ADS snap in and then reset his password. ... > asking the end user about all his department details. ...
(microsoft.public.win2000.active_directory)
Re: OWM and OMA and Active Sync
... Have you tried installing the cert and reset it to use SSL ... Cris Hanna [SBS-MVP] ...
(microsoft.public.windows.server.sbs)
Password retrieval app
... I would like to create an online app where if the user (has account on ... can reset the password and that will ... This is almost similar to the password reset emails that we receive ...
(comp.lang.java.programmer)