cancel
Showing results for 
Search instead for 
Did you mean: 

active directory self service password reset

Occasional Contributor

active directory self service password reset

Hello, I'm looking for a functionnality within my PCS which consists in resetting user password by themselves. My PCS is connected to my Active Directory using  Kerberos.

 

Thank's in advance.

Regards.

4 REPLIES
Contributor

Re: active directory self service password reset

That configuration is done per realm, in

 

Authentication Policy >> Password

 

If that feature is available in the type of authentication server you are using, it shows

[x] Enable Password Management

 

From the documentation it is only say ldap servers, but I think it also works with AD server type.

Occasional Contributor

Re: active directory self service password reset

Hello,

 

Thank's for your reply. In fact, I do have this functionnality enabled wich allows the user to change his password only if he knows the old one and this works well.

But, un my case, I want to offer the possibility to the user to reset his password because he forgot the current one. Do you have or know a solution to this problem ?

 

Thank's in advance.

Highlighted
Super Contributor

Re: active directory self service password reset

I used the Manage Engine product several years ago for this.  At that time there was no way native to windows to change a password without knowing the current one.  I think this is still the case. 

 

This has both a login prompt and website option.

 

https://www.manageengine.com/products/self-service-password/self-service-password-reset.html

 

You may not want to expose this for external users.  Since they will need to be unauthenticated to use this from Pulse, that means the internet in general can try to highjack accounts if they can guess user names.  So if you implement be sure that the criteria you choose to match that allows the change cannot be found anywhere but by the user.

 

Steve Puluka BSEET - IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP) - http://puluka.com/home
Moderator

Re: active directory self service password reset

To tag along with Spuluka, the appliance does not support this. If there is a way to _securely_ provide remote access to this type of system, that will work (possibly anonymous auth server instance) to give access