drz49609 2016-06-10 13:19
浏览 169
已采纳

Active Directory密码重置

We're trying to implement a php-based active directory password reset for our local intranet. One of the major requirements is that it respects the password policies set up in AD.

I've got a solution working well for when a user wants to reset their password, and they know their old password - essentially just a remove/add batch.

However, I'm having trouble figuring out a solution for when a user has forgotten their password. Because we don't know the old password, we'd have to do an administrative reset, but that doesn't respect the password policy. Alternatively, we could administratively reset the password, and then immediately force the user change their password. Unfortunately, doing two password resets in a row would force us to have the 'password minimum age' requirement turned off.

It seems like this has to be a typical use-case, so I'm guessing I'm just missing something obvious?

Thanks!

  • 写回答

1条回答 默认 最新

  • duanmeng3573 2016-06-10 13:50
    关注

    To have an administrative password reset respect the AD Password Policy for the user you must use a specific control OID. There has been a patch in the PHP bug tracker for a while to implement this functionality in an easier form:

    https://bugs.php.net/bug.php?id=69445

    It's still possible to do without this patch, but the encoding for the value used by the control is the hard part. Luckily someone else has already figured it out. See this answer for what you're looking for:

    https://stackoverflow.com/a/26763748/2242593

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥20 Python安装cvxpy库出问题
  • ¥15 用前端向数据库插入数据,通过debug发现数据能走到后端,但是放行之后就会提示错误
  • ¥15 python天天向上类似问题,但没有清零
  • ¥30 3天&7天&&15天&销量如何统计同一行
  • ¥30 帮我写一段可以读取LD2450数据并计算距离的Arduino代码
  • ¥15 C#调用python代码(python带有库)
  • ¥15 矩阵加法的规则是两个矩阵中对应位置的数的绝对值进行加和
  • ¥15 活动选择题。最多可以参加几个项目?
  • ¥15 飞机曲面部件如机翼,壁板等具体的孔位模型
  • ¥15 vs2019中数据导出问题