Created updated version with added features!

Dec 2, 2013 at 7:05 PM
Hello, I know this is an older project but one that could still help out a lot of people.

I updated this project recently to ensure it works on server 2012 with no issues. I also added a new feature which gave the portal real account management.

The biggest problem for my purpose was that users did not know their password so that would still require the admins assistance which rendered this portal useless in effect. So what ive done was created a new home page that a user can reset their password without knowing their password. A user will land on the home page and be given a choice, first to login or to reset. If they choose to reset the user must have an email defined on their user account. If they do, then the new feature will randomly generate a password and then email it to the email account on their AD account profile.

This really gives the portal more self management. If anyone wants a copy of this, please let me know. Thanks!
Dec 11, 2013 at 2:13 PM
I think that would really add to this project!
Dec 13, 2013 at 4:22 AM
How do I get this?
Dec 19, 2013 at 6:39 PM
@HatBeard - unfortunately, when trying to be added to this project to share my code, I was denied without a reason. If you'd like private message me with your email address and I will send you over the set up files I created to get it going with the new features I added!

@captainwasabi - send me an email with your email address and Ill do the same.
Coordinator
Dec 19, 2013 at 6:50 PM
rmittler,

We'd be more than happy to review your changes for potential inclusion into the project. However, as we mentioned in the message to you, we prefer changes be submitted as patch file requests prior to granting modify access through CodePlex. Opening up the repository to anyone isn't a great security idea and we need to vet the changes prior to merging them with the trunk repository.

So as I mentioned before with the deny message, please submit a patch request if you'd like your changes included.

Thanks!
Developer
Jan 14, 2014 at 9:14 PM
I like the idea, but there are security issues possible or other complications. Since there is no authentication anyone could force a reset either mistakenly or maliciously. Also if the email system is authenticated against AD, how are they going to login to email? Also the most likely user case of password reset is they are locked out of their computer, then how are they going to even use a browser? Yes there are work arounds to this, but what is most painless for the user and the guy that has to answer the phone when they call?

The solution I have road mapped out a bit uses the MS GINA Extensions. This allows us to place a password reset button on the standard login dialog. This takes them trough a process where they answer some security questions to verify they are who they say they are and then have their account unlocked. Of course all this requires the users have those security questions stored in the system already, but that too can be built in so that on the first password change, they must populate those questions and answers.
Feb 18, 2014 at 1:55 PM
KENTWA
What you describe is exactly what we need, can you share?
Developer
Feb 18, 2014 at 4:10 PM
I have not done any coding, but rather a lot of research. We have a bit of work remaining before we are at the level required to support this in uManage. There is a TechNet Blog article that covers this with source code:
https://blogs.technet.com/b/aho/archive/2009/11/15/custom-credential-provider-for-password-reset.aspx

If someone wanted to build the required services into uManage we would love to have them submit it for review and inclusion.
May 21, 2015 at 4:06 PM
I'd like a copy of this!