Hello all,
I'm trying to create a password change form for my company's vendors. There are a couple of scenarios I could encounter doing this:

1 - User enters invalid current password
2 - New passwords do not match
3 - User's account is locked
4 - User cannot authenticate because password is expired

It's case 4 that I'm struggling with, because their is no way for me to take the password the user entered and verify it against active directory without getting an error. Any thoughts?

6 Years
Discussion Span
Last Post by Reverend Jim

How does the user get access to the form to change a password if the current password has expired? Wouldn't it be impossible for the user to log on to get access to the form?


That's my whole point, we currently have VPN software that when a user with an expired password logs in, verifies their password, then immediately forces a password change, if the password is incorrect they are not allowed in.

I was hoping that some exception would be thrown that would say PasswordChangeRequired.


That would seem to be a problem with the VPN software I would think. I donb't have any VPN experience. Our network group handled that. I just did some AD.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.