Allow users to change their Windows Domain/Active Directory passwords using their web browser! Simple to install, no scripting or programming required! No more need to train users how to change passwords on different operating systems! Users accessing your servers from non-Microsoft operating systems can now change their password! Keep a log of all successful and failed attempts to change passwords | Overview
Simple password changing using a browser is especially useful for organizations with dial-up/VPN remote users, those with workstations running a variety of operating systems, those running Exchange, or anyone else who wants to give their users a extraordinarily easy way change their own passwords without the hassle of logging onto the domain, pressing obscure key combinations, or figuring out how their particular operating system changes passwords. Domain Password generates its own HTML forms, and integrates directly with the Windows NT4/2K/XP/2003/Vista/Win7/2008/Win8/2012/Win10 security system. Domain Password also works on SSL-enabled web servers to provide fully encrypted sessions between the server and browser. Domain Password is primarily designed for use on Windows Domains/Active Directory trees. The program can run either on Workstation or Server versions of Windows NT4/2K/XP/2003/Vista/Win7/2008/Win8/2012/Win10. Users may also change passwords for multiple domains. You may also install Domain Password on stand-alone machines that are not part of a domain; in this case, you can use Domain Password to change the password only on the machine on which it runs. |
The server portion of is a standard CGI program that runs on a web server (IIS, Apache, and others) running on Windows NT4/2K/XP/2003/Vista/Win7/2008/Win8/2012/Win10. Refer to your web server's documentation to ensure that standard CGI is enabled for the server, and that the CGI directory has the proper execute permissions. On IIS, make sure that the IUSR_ Note: Enabling CGI on IIS for Windows Server 2003 and later requires additional configuration. See this article from our Knowledgebase for details. If you are having trouble getting CGI programs to run, especially on IIS, then you might want to search our knowledgebase for help. Answers to the most-frequently asked questions are there. Copy dompass.ini to the same directory as dompass.exe. Leave dompass.ini unchanged until you are sure Domain Password is working satisfactorily, then edit to suit your tastes. Note, you may need to add domain information per this KB article. Add a link to dompass.exe on any page you want. For example, if your CGI directory is CGI-BIN, add this link: <a href="/cgi-bin/dompass.exe?">Change Password</a> To use Domain Password on any web server, you must Note: Passwords are case-sensitive on this system. Password, PASSWORD, and password are three different passwords. Version 1.1 (build 970302 or later) allows you to customize the entire format, asmuch or as little as you want. Domain Password is self-configuring. It will discover the name of your primary domain controllerand generate the proper HTML. You may override this by specifying a machine name on the PDC=line in dompass.ini. Specifying a PDC also makes the program more efficient, since the lookupcan take a noticeable amount of time on some networks. You may customize most aspects of Domain Password by editing the dompass.ini file. All of thetext, and most of the HTML, can be changed by editing this file. To make Domain Passwordoperate in Portuguese, for example, just replace the English text messages with the Portugueseequivalents. Here is the default dompass.ini file. (It is included in the ZIP archive when you download.) All of the options arewell-documented in the INI file itself, so there's not much point in repeating the instructionshere. By default, Domain Password looks for dompass.ini in the same directory where theyou keep dompass.exe. This is also where Domain Password will write its log file, dompass.log.As of version 1.1.b.980925, you may change a registry setting to specify a differentdirectory for dompass.ini and dompass.log. This feature was added to enhance securityfor servers that allow read access to all files in the CGI-BIN or SCRIPTS directory. Ifyou are upgrading from a previous version, Domain Password will create the registry entryfor you the first time you run Domain Password after the upgrade. To change the directory where the config files are stored, use REGEDIT or REGEDT32 to modifyDomain Password's ConfigDir setting: Create the directory you specified above, and put the dompass.ini file in that directory.Use File Manager or Explorer to set the file permissions to Change for the users whoshould be able to access this file. Under IIS, this is usually the group AuthenticatedUsers, and/or the user IUSR_machinename. Under other web servers, you will usually needto specify the account under which the web server runs, usually LocalSystem or System. As long as the drive and directory you specify isn't shared, this will allow DomainPassword to read the dompass.ini file and write the dompass.log file in this directory,but not allow access in any other way. Domain Password is a client-server program. The client portion is a web browser, and the server portion is a web server running Domain Password. No additional software or configuration is needed for the client, which means you may change domain passwords using any web browser on any operating system as long as the browser supports HTML forms.
Copy the executable file to your web server's CGI directory (usually cgi-bin or scripts, but may be something else depending on your server and how it's configured).
Here's what the CGI looks like by default:
Username: Current Password: New Password: New Password Again:
HKEY_LOCAL_MACHINE Software Greyware Domain Password Parameters
Double-click on the ConfigDir entry. This is a REG_SZ (string) value, set to blank bydefault. Type the drive and path you want to use. For example, C:\dompass.