I have a website in asp.net 3.5(C#). I have configured asp.net membership module in my website.
Now I want to add the functionality so that an admin can change the passwords of other users.
Is there a way to reset a user's password while logged in as an administrator? I just had to delete a user and re-create him in order to achieve the same affect of resetting his password, so I'm wondering if there is a better way to reset a password.
View 1 RepliesOn the local development machine a number of users are administrators (using the asp.net administer website tool accessible via the login controls on the page).
When the site is copied to the production server, these users can still log in, but they are not administrators anymore.
I can use the same way as on the local machine to rectify this. And this works when the site is run of the development tool (visual web developer express 2010, i.e. local host).
However, the functionality (admin users can access certain websites (via if(User.IsInRole("Administrator") == true) is not working when the same code is run in the production environment real production server, not localhost). Somehow asp.net is not recognizing that users have been set to that role.
I can recover my password but when I try to change my password to something a bit easier to remember it gives me:
Password incorrect or New Password invalid. New Password length minimum: 7. Non-alphanumeric characters required: 1.
I had been trying to solve this but there is a hidden key i wish someone point me to.
I had a simple membership database with users in first the Membership Provider configured for clear password to retrieve the original password .
Now a new requirement say that the password must be hashed and reset .
I configure the Membership password to hash , and Implemented the Reset Password Module.
My problem is as follow.
If the user is new registered user with the new configuration the password and the security answer is hashed.
also when I go and reset the password it continue to be hashed.
Now I thought that with new configuration if any previous user with clear text configuration , If he use the password Reset module , because my configuration now is hashed , I expected that the new password and security answer will be hashed . what happen is old user continue in clear text even if the configuration is hashed. so If I had new users everything is fine.
old users Membership Provider somehow know they had been stored in clear text and it keep change password and security answer in clear text . If I delete this user and create it , Membership Provider understand that everything will be hashed. I need to know how it know this , I need to migrate users not to delete and recreate users .
Also if there are no solution for that , I wish Microsoft Consider it in future cause it is a real user scenario, that can happen imagine a business system that related to membership user Id , deleting users and recreate them is not a solution .
Is there anyway to change a user password as an administrator in active directory using c# code.
View 1 RepliesI using change password control, how can i change the password without enter the current password?
View 8 RepliesI need to look for an example of a web application, preferably ASP.NET but any otherweb language will do, that lets Mac and Windows users change their AD password.
Any technique, application, or source code will be great.
P.S: our Macs are not connected to AD and we also have Windows users.
I am developing a shopping cart with asp.net and sqlexpress. I am using aspnet authentication components to create a backend page. I designed the site to let in only authorized users in.
Yesterday, I forget my password to login to backend and asked system recover my password. with recover password of the asp.net I was able to receive the temp password. I took that and logged in, of course asp.net forward me to password change component which I am having problem with.
Every time I change my password , password change shows that I was successfull but after clicking on the continiue button password change component comes back. I went to properties of password change component and entered the main default page as destination but it is not helping.
I close the IE clear the cache , even restart the machine. When I login always taking me to the password change page.
I need to look for an example of a web application, preferably ASP.NET but any otherweb language will do, that lets Mac and Windows users change their AD password.
Any technique, application, or source code will be great.
our Macs are not connected to AD and we also have Windows users.
I am writing a simple plugin for IE. I need to store a password and username setting for the user who uses the plugin. I know that I can store the username/password in the registry, I can manually encrypt it using the encription classes with .NET, or I can store it in a config file and encrypt the config file. I was wondering if there is a specific pattern/mechanism that I should use to store password and username.
View 1 RepliesI'm using the built-in membership in my ASP.NET Web Forms 4 app.
I'm also using the PasswordRecovery control for handling users who have forgotten their passwords. Before I reinvent the wheel, I've decided to post this question.
As one can imagine, in most cases, people give it a few tries before requesting a password change. Of course in the process, they lock out their accounts. The problem is that password recovery does not work for locked out accounts.
How do I first unlock the account if I'm using PasswordRecovery control?
I cannot send email to the the users when they forget their password ( I am using .NET's Forgot password wizard), and I am using the below code in the web.config file. My hosting provider is Go Daddy and it is a shared hoting.
[code]...
I can email the password in my local machine by using the forgot password wizard, but after I have uploaded all the files in Go Daddy, it does not work. That means, I am wrong somewhere at above mentioned code.
How to give the Permissions to the users & Administrator in the asp.net...For example : I just want to give the permissions to the users that screens only appear for User remaining will be hide in the menu. What are the proper steps for the permissions in asp.net ....
View 1 RepliesI've been reading about asp web administration tool. I read about creating roles and stuff and forcing a controller to use authentication in order to be viewed. My question is, say create on the administration tool a user called Peter and I assign him the Administrator role. Then I want to create another role called LimitedAdministrator. But I want Peter to create new users on his View (I'm using MVC). Can anyone point me in the direction of how to do this.
I want peter to see on his page, like "Create user" and this user will be created as a LimitedAdministrator.
In my asp.net application, users are created by the administrators & those users need to log-in into the system using their own email/password or openid. So what is the best option to implement in this scenario?
I mean, as users can't register them self,do administrator required to associate each openid with the users & what kind of table structure do I need?
And do I also need the log-in interface like that of [URL] showing multiple types of authentication(default & openid from various providers)?
I'm using the ChangePassword method of membership provider to change the password and one of the requirement before calling the changepassword is to retrieve the current password. But I'm getting error:padding is invalid and cannot be removedbelow is my web.config:
< system.web> < machineKey validationKey="4FD671E39167DFB91A918018007D095E50B7D2971B01AEDE26A7233FD9CC4A470F80689997EC2C7BB515F9D82C8B4D1F3A8495193630B11E8401C96BD0A5A133" decryptionKey="ED1555E75C7B91738172E0086456C70B9CAA4C44214FC2B1907123993EA4FA53" validation="SHA1"
decryption="AES"/>....< /system.web>
I got a problem here and i desperately need your helps through this.Ok,i use Change Password control to allow user to change their password.I use administrative tool to setting their username and password.When i run my project and clicks on Change Password button,i got below error:"Password incorrect or New Password invalid. New Password length minimum: 6. Non-alphanumeric characters required: 0."It means,change password attempt is unsuccessful.Why this happen?
View 4 Repliessome links or guides on how to use Change Password control in asp.net?I already succeed implemented the login control in my application.And now i want to put change password control in my application so that the user can change their password accordingly.How can i do this using asp.net?
View 4 RepliesI have created login page(login.aspx) using login cotrol, now my lead asked me to provide an option "Change Password" so that end-user can change his password any time.I have created different form named as ChangePassword if you click lableChangePassword on login.aspx page a pop-up window appears with changepassword control.how can i make this work using same(login) table. i searched around for code around i did not find.I used this link to create login page
[URL]
1. In the asp.net configuration tool I can create a user without a problem. When I enter the password it performs some validation on it and if I've not entered a reasonably strong password it gives me an error saying "the minimum password length is 7 characters and must contain at least 1 non-alphanumeric character." I've got no problem with this and I don't want to get side-tracked into the merits of password security. Is it possible to change this validation so that it accepts anything I enter? Surely, as weak as it is if I wanted to enter "password" I should be allowed to? Perhaps you can't change it which is fine but if you can how would you go about it?2. If I add an asp change password control to a page I was sort of hoping I might be able to override any global setting (1 above) and find a property that would let me set the pattern at run time? I can't but maybe there is a way to do it in code?
View 4 RepliesI am designing a website (ASP.NET in VB) and I'd like it to have the following features: to generate a random string to be used as a password. This bit I should be able to manage, the bit I don't have a clue on is how I can pass this to a Windows machine (on a workgroup not AD) to change a user's account password.
View 2 RepliesUsing windows Authentication... is it possible to progrematically change a password?
I tried using several ways to do this. I tried using the ChangePassword control. This tells me that minimun characters is 7 even though I have more then 7 characters... I also tried using this method:
[Code]....
The user is always null... and I am assuming this is because this object is indended to use with Forms authentication.
All I want to do is have an option for users to change passwords. Is this possible with Windows Authentication?
I Use Asp.Net Change Password Control.I want to make shure that new Passord won't be the sae as Old Password.Is ChangingPassword Event Using for this process?How Could I Compare NEw Password Which is ClearType with Hashed Password which Saved In DB.Note:I Use ASP.Net Builtin Membership.
View 2 RepliesI have this code for changing a user's password when they click the password reset button (with extra code to log to ELMAH so I can try to figure out what is going wrong).
This is in ASP.NET MVC 2, using the standard aspnet membership provider, with a simple View like this:
New Password: ______
Confirm Password: ______
[Reset] [Cancel]
The route to this view is `/Account/Reset/guid`, where guid is the user's id in the aspnet membership database.
The key portion of the code is where it calls `user.ChangePassword()`. You can see that it logs a message when successful. The problem is that for some users, the success message is logged, but they can not log in with the new password. For other users it logs the success message and they can log in.
if (user.ChangePassword(pwd, confirmPassword))
{
ErrorSignal.FromCurrentContext().Raise(
new Exception("ResetPassword - changed successfully!"));
return Json(new {
Msg = "You have reset your password successfully." },
JsonRequestBehavior.AllowGet);
}
The full code listing is:
[Code]....
Edit: Adding a bounty to try to get this solved. This is one of the most annoying problems on my issue list, and I have no idea how to proceed.
