locked
Password Reset Webpart RRS feed

  • Question

  • Good Evening TechNet Experts,

    I found a ton of out-dated material on this but was looking for something more updated, thorough, and well instructed. Need instructions/guide on setting up a Password Reset Portal for end-users on the SCSM portal WITHOUT Orchestrator.

    1. This will need to work with SharePoint 2010, SCSM 2012, and ADFS.

    2. Users need to be able to enter their email / username and click reset to send the password reset link / temporary password to the users email.

    3. Users need this function BEFORE logging in.... I will link to the web part right on my login page. I have seen many "Request Offering" reset pages... this doesn't make sense to me as the user must be able to login before resetting... defeating the purpose and rendering this useless.

    Thanks in advance, look forward to reading your thoughts on this.

    Monday, January 26, 2015 10:57 PM

All replies

  • Hi,

    The good way is to use forefront identity manager (FIM).


    Remy BOVI

    • Proposed as answer by BOVI Rémy Tuesday, January 27, 2015 2:05 PM
    • Unproposed as answer by SirLearnAlot Wednesday, February 25, 2015 3:32 PM
    Tuesday, January 27, 2015 2:04 PM
  • Good Morning Remi,

    I found a ton of out-dated material on this but was looking for something more updated, thorough, and well instructed. Need instructions/guide...

    FIM looks like a good solution. However, I was looking for a guide or instructions, can you direct me to any please?

    Tuesday, January 27, 2015 3:47 PM
  • Hi,

    Deploying Forefront Identity Manager 2010 R2

    https://technet.microsoft.com/en-us/library/hh332710(v=ws.10).aspx


    Remy BOVI

    • Proposed as answer by BOVI Rémy Tuesday, January 27, 2015 3:53 PM
    • Unproposed as answer by SirLearnAlot Wednesday, February 25, 2015 3:32 PM
    Tuesday, January 27, 2015 3:53 PM
  • Thanks for the quick reply Remy. I will mark your answer once I am complete, thanks for your time.
    Tuesday, January 27, 2015 4:53 PM
  • Hello Again Remy,

    After reading up on FIM I believe it would work, however I was wondering if you know of a solution that won't require a separate license. FIM can turn out to be a pretty expensive solution for an already expensive deployment - I would rather have it work with a SharePoint webpart and link to that web part on my login page, something of this nature.

    Do you know of anything like this? I have seen a couple on CodePlex before but again, they were outdated and didn't fit my usage scenario.

    Thursday, January 29, 2015 2:28 PM
  • Any updates? Anyone know a free sharepoint webpart that would do this?
    Tuesday, February 24, 2015 6:40 PM
  • My company has an in-house development team, and this is a common request for them. the major problem you're going to run into (and the first thing they bring up when scoping these jobs) is how to tell if the user really the right person.

    Sending an email is a good second factor, except if you're using exchange, and email depends upon the domain password. 

    Once the identity problem is solved, it's really just a few minutes work in ASP.Net and a simple IIS webpart running as an account administrator. there's even an open source version (DISCLAIMER: i haven't used this, so YMMV)

    Tuesday, February 24, 2015 7:03 PM
  • Thomas! Hello again :)

    What country do you live in? If I ever visit I promise to buy you dinner :D

    Thanks for your reply. I see what your saying, I spoke to management and we made a decision to ditch the approach of giving the customer complete control over a reset - the only easy solution is FIM and this costs too much.

    We decided to use a web-part that would require the user to login with a temporary password provided by our helpdesk analysts, then click on the password reset web-part to undergo the reset. I looked at the tool you provided but am not 100% sure how to deploy it - I am not yet too familiar with this stuff. I also looked at a web-part provided by ITaCS (http://changepassword.codeplex.com/) but this didn't work and ran into a bug. Currently in contact with the developer to see if they can get it fixed but meanwhile, how would I go about deploying the solution you posted?

    To test it anyways, I extracted the files to my IIS directory and added the site as a .Net 4.0 Integrated Pipeline App Pool. I also configured the site to connect as a domain admin user. However, when I launch I kept running to an authentication/permissions error.

    Description: An error occurred while accessing the resources required to serve this request. You might not have permission to view the requested resources. 
    
    Error message 401.3: You do not have permission to view this directory or page using the credentials you supplied (access denied due to Access Control Lists). Ask the Web server's administrator to give you access to 'C:\inetpub\wwwroot\wss\VirtualDirectories\PassCore'.

    I added permissions on that folder for the domain account running the web app but still same error.

    I disabled authentication completely under system.web/authentication and still solved the permissions issue but I got this compilation error:

    Server Error in '/' Application.
    --------------------------------------------------------------------------------
    
    Compilation Error 
    Description: An error occurred during the compilation of a resource required to service this request. Please review the following specific error details and modify your source code appropriately. 
    
    Compiler Error Message: CS0234: The type or namespace name 'Helpers' does not exist in the namespace 'System.Web' (are you missing an assembly reference?)
    
    Source Error:
    
     
    
    Line 17:     using System.Net;
    Line 18:     using System.Web;
    Line 19:     using System.Web.Helpers;
    Line 20:     using System.Web.Security;
    Line 21:     using System.Web.UI; 
    
    Source File: c:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\root\a5249b39\150dcacd\App_Web_index.cshtml.a8d08dba.y7qkeipi.0.cs    Line: 19 
    

    c:\windows\system32\inetsrv> "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /t:library /utf8output /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.ServiceModel.Activation\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activation.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_64\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.ServiceModel.Web\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.WorkflowServices\v4.0_4.0.0.0__31bf3856ad364e35\System.WorkflowServices.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.Web.Extensions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.dll" /R:"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorlib.dll" /R:"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\root\a5249b39\150dcacd\assembly\dl3\2cf2a65a\931a5703_0a51d001\Unosquare.PassCore.Web.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.Web.DynamicData\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.DynamicData.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.dll" /R:"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\root\a5249b39\150dcacd\App_global.asax.3xi7t_sv.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll" /R:"C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll" /out:"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\root\a5249b39\150dcacd\App_Web_index.cshtml.a8d08dba.y7qkeipi.dll" /D:DEBUG /debug+ /optimize- /w:4 /nowarn:1659;1699;1701;612;618 /warnaserror-  "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\root\a5249b39\150dcacd\App_Web_index.cshtml.a8d08dba.y7qkeipi.0.cs" "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\root\a5249b39\150dcacd\App_Web_index.cshtml.a8d08dba.y7qkeipi.1.cs"
    
    
    Microsoft (R) Visual C# Compiler version 4.0.30319.33440
    
    for Microsoft (R) .NET Framework 4.5
    Copyright (C) Microsoft Corporation. All rights reserved.
    
    c:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\root\a5249b39\150dcacd\App_Web_index.cshtml.a8d08dba.y7qkeipi.0.cs(19,22): error CS0234: The type or namespace name 'Helpers' does not exist in the namespace 'System.Web' (are you missing an assembly reference?)
    c:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\root\a5249b39\150dcacd\App_Web_index.cshtml.a8d08dba.y7qkeipi.0.cs(22,22): error CS0234: The type or namespace name 'WebPages' does not exist in the namespace 'System.Web' (are you missing an assembly reference?)
    c:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\root\a5249b39\150dcacd\App_Web_index.cshtml.a8d08dba.y7qkeipi.0.cs(23,22): error CS0234: The type or namespace name 'Mvc' does not exist in the namespace 'System.Web' (are you missing an assembly reference?)
    c:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\root\a5249b39\150dcacd\App_Web_index.cshtml.a8d08dba.y7qkeipi.0.cs(24,22): error CS0234: The type or namespace name 'Mvc' does not exist in the namespace 'System.Web' (are you missing an assembly reference?)
    c:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\root\a5249b39\150dcacd\App_Web_index.cshtml.a8d08dba.y7qkeipi.0.cs(25,22): error CS0234: The type or namespace name 'Mvc' does not exist in the namespace 'System.Web' (are you missing an assembly reference?)
    c:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\root\a5249b39\150dcacd\App_Web_index.cshtml.a8d08dba.y7qkeipi.0.cs(29,61): error CS0234: The type or namespace name 'Mvc' does not exist in the namespace 'System.Web' (are you missing an assembly reference?)
    

    Finally, I switched to connect as an Application user (pass-through authentication) but now the site just keeps loading forever and nothing happens. I checked event log for issues but it seems I'm not generating any errors after this final configuration attempt... Not sure where to go from here.

    Thanks a million for your help Thomas!

    Wednesday, February 25, 2015 3:30 PM
  • Any ideas? I still haven't figured this out, would really appreciate some pointers! Thanks in advance.
    Friday, February 27, 2015 6:31 PM