Is there anyway to solve password management for Active Directory. I mean like a user forgot password and needs to reset it? Is using an Active Directory Administrator account to reset the password the only way?

Which is probably the most suitable method for VB.NET programming?
<Method 1>
Login.aspx->RetrievePassword.aspx->specify username->User answer secret question(secret question and answer store and retrieve from SQL server)-> if correct -> set directory login with hardcoded administrator account -> use set password invoke

<Method 2>
Login.aspx->retrievepassword.aspx-> key in username or email-> generate random new password, email to user's email,set user to change password at next logon

Kind of lost...thanks for any suggestion... have done all Create,Update,Delete operations for users, juz don't really know how to go about handling lost/forgotten password management

in our case..we do in following manner
1> Our database stores user info..username & password etc along with that we use
GUID column which is unique through out the end of all records.

2> when user cliks on forgot password, prompt for email id

3> If email id exist in the database then Grab the GUID

4> Now create a link.."email specified by user"&GUID="which we got from the database";

5> Send this link via Email..

6> when user hits the link, user comes to your page where you can grab the email & GUID from querystring

7> Check GUID matches against the database provided by email

8> if yes then allow user to update password.

No one can mess with this method
Even if you change the Email or GUID in the querystring..
At the time of validating against the database..all wrong attempts will be failed.

hope this helps.