February 4th, 2013, 06:34 PM
Can I change active directory passwords from VB?
Hello all, new to forum.
I have a question abont lan pwds and VB.
I work doing customer support in a corporate enviroment.
I do a lot of password resets with various programs, including LAN pwds on active directory.
I have permission to change passwords, I am able to change passwords by going to active directory and doing the point, click, reset pwd.
I am not trying to subvert any permissions or anything.
Through out the coarse of the day, we do alot of passwords. Alot of times users don't know when they last set a domain password, or when it expires. We need to find out if the account is locked or expired, what groups the user has, etc.
I have little to no programming experience, I am ina VB programming class right now for college, yet last year I was able to piece together a program in VB 6 that would allow me to enter the domain user ID, and it would tell me when the password was last set, it would tell me when it expires, it would tell me if the account is locked out. It would also tell me what groups they were part of, it was displayed in a list of lots of information that I have to scroll through.
This program alone makes life easier, its faster to get information needed, before going through active directory.
It makes use of DOS command Net User, basically runs the dos command and dumps the results into a VB textbox.
HEre is the kicker. Using the same dos command, Net User you can reset a password, HOWEVER. the security blocks the NET USER password command.
Again, I am not trying to circumvent any permissions or security, as I have access to reset pwds via GUI. I just want to write a program that will do it faster and easier, all from 1 window.
On my own server at home, i was able to rewrite my program, and able to reset domain passwords making use of the NET USER commmand, so i know it works.
Because the net user password reset commands are blocked, and I have access to reset a domain password via GUI and active directory.
How can I write a program, that will make use of same procedure/function/whatever...that is used when I point and click?
I can't articulate very well what I am trying to describe, but when I click on my mouse and select a domain account and tell it to reset the password, that is making use of some function/access...why can't a program make use of the same function/access?
What is actually being called up and manipulated from the gui in active directory?
Is visual basic to low level to accomplish this? Do I need something like C+?
Ultimately, I want a program that wil take the user id, and tell me when the pwd was last set, when it expires, if the account is locked out.
I want it to tell me if the user is a member of 1 of 5 groups.
I would like to have the ability to reset the domain password via a random generator (our corporate temporary passwords have to be random)
I would also like a checkbox that indicates if the account is simply locked, and then unchecking will unlock the account.
Any thoughts? suggestions?
Again, I am not trying to bypass any security. I have the permissions already to do this password changed.
I have spoken with my management and they intern the higher ups, everything is ok. I am not going to get in any trouble. They simple do not want to allow NET USER to allow password changes.
I do understand i am not even a novice yet, but am willing to learn. Just need a direction to walk in.
Click Here to Expand Forum to Full Width