Re: Sending users an email when they change there password

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

From: Joe Richards [MVP] (humorexpress_at_hotmail.com)
Date: 05/21/04

• Next message: Admin: "Can I change domain name in AD"
• Previous message: anonymous_at_discussions.microsoft.com: "Re: Sending users an email when they change there password"
• In reply to: Lanwench [MVP - Exchange]: "Re: Sending users an email when they change there password"
• Messages sorted by: [ date ] [ thread ]

---

Date: Fri, 21 May 2004 10:26:12 -0400

Yeah this is a fun one. There are several ways to attack it.

1. Set up a web page and only allow password changes through it, then have the
web page change the password and send the email. You will also need to take away
the right for the users to change their passwords in AD.

2. Set up a password change notification filter which is non-trivial to get it
done right. Then install it on all Domain Controllers.

3. Monitor the pwdLastSet attribute on the IDs in question. When it gets updated
you warn the users.

Note, if this is a security mechanism... It isn't a good one. If I change
someone's password on them there isn't much stopping me from going in and
deleting the email you just sent...

--
Joe Richards Microsoft MVP Windows Server Directory Services
www.joeware.net
Lanwench [MVP - Exchange] wrote:
> I don't understand - you want to automatically generate an e-mail to users
> when they manually change their passwords ? I can't think that this is
> possible, at least not natively. If I've misunderstood, please repost....
> 
> Jeremy wrote:
> 
>>Sending users an email when they change there windows
>>password.
>>
>>I have users that i want to send an email when they change
>>there passwords. I need to be able to customise the email
>>to.
>>
>>Thanks for any help
>>
>>Jeremy
> 
> 
> 

---

• Next message: Admin: "Can I change domain name in AD"
• Previous message: anonymous_at_discussions.microsoft.com: "Re: Sending users an email when they change there password"
• In reply to: Lanwench [MVP - Exchange]: "Re: Sending users an email when they change there password"
• Messages sorted by: [ date ] [ thread ]

---

Relevant Pages Re: LDAP changePassword always returns error ... >>Joe Richards Microsoft MVP Windows Server Directory Services ... >>>>Microsoft Windows Script Host Version 5.6 ... (microsoft.public.security) Re: CreateProcessAsUser Doubt ... > I need to execute this program to give SE_TCB_NAME privilege to execute ... >>Joe Richards Microsoft MVP Windows Server Directory Services ... (microsoft.public.platformsdk.security) Re: Infrastructure master and GC ... Even in a multi-domain situation, temporarily moving IM to a GC should not cause an issue. ... Joe Richards Microsoft MVP Windows Server Directory Services ... (microsoft.public.windows.server.active_directory) Re: AD Users and Computers shortcut ... Joe Richards Microsoft MVP Windows Server Directory Services ... >>>accounts but I would really prefer not having her log ... >>Make a shortcut to dsa.msc. ... (microsoft.public.win2000.active_directory)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Win2000  > microsoft.public.win2000.active_directory  > 2004-05