Want to be able to allow users to log in, but be able to change password as well

[Rod]

I have a requirement in which I need to allow the user to log into our
ASP.NET application, but also be able to change their Windows password, if
it is expired. I had thought that Windows authentication would do the
trick, but it appears not to. (If the user's password has expired, it will
sit there forever asking the user for their username and password in the
Windows login dialog box that pops up.)

1) The way I see it, I have two possibilities. Either there is some way of
using Windows authentication to restrict access to the ASP.NET application
to only accounts on our Windows 2000 Active Directory network. And if a
user's password has expired, finding some way in which they can change it.

2) Or, I can use Forms authentication, but some how restrict it to just the
users in our Windows 2000 Active Directory. However, I don't know how to do
this.

How do I implement either #1 or #2?

Rod

 

[Curt_C [MVP]]

You want a user to login with their expired password??
You could user an administrator account to reset that users password
perhaps, that should work, then have them relogin with their account.

 

[Rod]

Good clarifying question; I want it so that if the user's Windows' password
has expired, then it will go to some other ASPX page and allow them to reset
their Windows password.

Of course, the system administrator could reset their password, but it is a
functional requirement of this new system that the user be able to reset
their Windows password through the ASP.NET website.

Rod