0

Hello all,
I'm trying to create a password change form for my company's vendors. There are a couple of scenarios I could encounter doing this:

1 - User enters invalid current password
2 - New passwords do not match
3 - User's account is locked
4 - User cannot authenticate because password is expired

It's case 4 that I'm struggling with, because their is no way for me to take the password the user entered and verify it against active directory without getting an error. Any thoughts?

2
Contributors
5
Replies
6
Views
5 Years
Discussion Span
Last Post by Reverend Jim
0

How does the user get access to the form to change a password if the current password has expired? Wouldn't it be impossible for the user to log on to get access to the form?

0

That's my whole point, we currently have VPN software that when a user with an expired password logs in, verifies their password, then immediately forces a password change, if the password is incorrect they are not allowed in.

I was hoping that some exception would be thrown that would say PasswordChangeRequired.

0

That would seem to be a problem with the VPN software I would think. I donb't have any VPN experience. Our network group handled that. I just did some AD.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.