SharePoint Reset Password Web Part
ASP.Net Sample Guide
Release 2.0 (HW10)
Contents
Overview... 2
Installation ... 2
Password Reset Setup Program ... 2
Installing the Sample Applications... 3
Solution Components... 4
Email Option: Usage Guide ... 4
How Does it Work?... 4
Installing the ASP.NET Application... 5
Security Questions Option: Usage Guide ... 5
Customizing the ASP.NET Applications ... 6
Programmatic Reference ... 6
About Bamboo Solutions Corporation
Bamboo Solutions Corporation is a software technology provider specializing in hosted, collaborative software solutions built on Microsoft® SharePoint Technology and Services. Our business collaboration solution is designed for clients who need rapid implementation, quick user acceptance and immediate productivity gains. Bamboo Solutions is a privately held company with headquarters in Reston, Virginia.
Bamboo Solutions Corporation 11417 Sunset Hills Road, Suite 105
Reston, VA 20190 store.bamboosolutions.com Copyright © Notice
This document is provided for informational purposes only and Bamboo Solutions makes no warranties, either express or implied, in this document. Information in this document is subject to change without notice. The example companies, organizations, products, people and events depicted herein are fictitious. No association with any real company, organization, product, person or event is intended or should be inferred. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or
otherwise), or for any purpose, without the express written permission of Bamboo Solutions Corporation. Bamboo Solutions may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Bamboo Solutions, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. Published work 2006 Bamboo Solutions Corporation. All rights reserved.
Overview
The Bamboo Reset Password Web Part product is designed to offer users with two options for setting up a reset password solution in their environments.
• Web Part Mode (See product App Notes) • ASP.NET Application Mode
The first option is to use the Web Part provided with the application installer to handle end user system interaction. This Web Part can be used ‘out of the box’ to provide an end to end reset password solution. Please see the product Application Notes for a detailed guide to using the Web Part based solution. The second product option, which is the focus of this document, is to configure the solution to provide end user interaction through custom web pages. This second method allows for precise control over the end user experience and may be preferable in some environments.
There are two sample ASP.NET applications provided with the product download. The first contains a sample that uses e-mail based confirmation to facilitate a password reset. The second sample uses a password reset model driven by online security questions.
Sample pages and code files are written in C# using Visual Studio .NET. The source files can be used: “as-is” as a prepared solution, as a customization starting point, or as a reference guide for developing ones own custom web pages. This document is intended to help users setup and use of the sample projects. It also provides background documentation related to how the Reset Password core utility interfaces are exposed.
Installation
The two Bamboo Reset Password sample applications can be installed by running their respective setup routines from the main product setup page. .
Password Reset Setup Program
Before you begin, you need to make sure you have access to the server and your account must have the appropriate administrative privileges to install applications.
The Password Reset Setup program provides links to the various installation components for Password Reset. These components include the Bamboo License Manager as well as the Application Notes.
To access the Password Reset Setup program:
1. Unzip the contents of your product download. Be sure that all files and subfolders are selected to be extracted.
2. The folder hierarchy contains a file at the root of the extraction folder named “Setup.bat”. It also contains the following folders:
o \doc – Contains a HTML-based version of the product Application Notes. o \msi – Contains the product installation executables.
o \cab – Contains the cabinet files that can be used for manual installs.
3. Find the Setup.bat file located at the root of the extraction folder. 4. Double-click this file to launch the setup page.
5. The setup page contains links to the various product components under the Components header in the left margin. Click on any of these links to view a description of the component in the right text area of the page. Most of the installs you can launch with a single click of the Install button that appears beneath the component description.
Installing the Sample Applications
To install a Password Reset Sample Application, from the Password Reset Setup program, click the either the Password Reset Sample ASP.Net Application – Email Option or the Password Reset Sample ASP.Net Application – Security Questions Option component and then click the Install button. You can install both sample applications on the same server, but you will need to run each installation routine separately.
NOTE: The Setup program automatically detects the version of SharePoint or WSS on which you are installing the sample application and displays the component button for the appropriate installation programs. In other words, if you are installing the sample applications on WSS 3.0 or Office SharePoint Server 2007 then only the component installs for Password Reset for WSS 3.0 are displayed.
The setup of each sample application will follow the same installation steps. The following instructions will show screen shots from the Email Option sample application. The Security Questions Option sample application install will follow the same installation steps.
Once the setup routine is launched, you will be presented with a welcome screen. Simply click the Next button to begin.
The next step of the installation process will prompt to specify the Site under which the sample application will be created, and it will ask for you the name of the Virtual Directory to create beneath the site. Once this
information has been entered, then click the Next button to continue.
You will receive a confirmation window (not pictured) and will need to click the Next button again to initiate the install. When the installation is complete, an installation summary window will be displayed (also not pictured). Please confirm the successful installation and simply click the Finish button to close the installation routine. If desired, follow the same set of steps to install the second sample application.
Solution Components
Note: This section to be updated for release 2.0 soon.
Email Option: Usage Guide
Note: This section contains information that may or may not need to be updated for release 2.0. These document changes will take place soon.
How Does it Work?
A user navigates to the Reset.aspx page and receives a simple UI requesting entry of their user name and email address. A Submit button click from this form then calls the core Bamboo.Utility.ResetPassword object constructor and makes a call to sendInitialEmail. This will result in an initial confirmation email being sent to the email address of the account requesting the password reset. The confirmation email will contain a hyperlink back to the
Reset.aspx page to confirm that indeed the reset password request originated from an authorized source and is still desired. Upon receipt of the user confirmation (by clicking on the email hyperlink), a call is made on the server to the sendFinalEmail method. This causes the password to be reset to a randomly generated value that is then sent back to the user in a second (and final) email message. The password reset process is considered complete and the user can log into their SharePoint portal using the new password.
Reset.aspx
User Name: Email:
Submit
Bamboo.Utility.dll
ResetPassword
Constructor: public ResetPassword(string Domain,string AdminUser,string AdminPassword,string SharepointAdminUser,string SharepointAdminPassword)
public void sendInitialMail(string emailID,string Username, string CurrentURL,string SMTPServer,string EmailFrom)
public void sendFinalMail(string emailID,string Username,string SMTPServer,string EmailFrom)
Http:
New Password
Page_Load event Authenticate Admin Credentials
Page_Load event (Admin credentials are re-authenticated here too.)
Installing the ASP.NET Application
1. Install the sample application as described in the preceding section. 2. Modify XML settings file config.xml using a text editor
a. setADAdminName – Login account of the Active Directory Administrator b. setADAdminPassword – Login password of the Active Directory Administrator c. setSPAdminUser – Login account of a SharePoint Administrator
d. setSPAdminPassword – Login password of the SharePoint Administrator account
e. setNTDomain – (true/false) Boolean value indicating whether user accounts used in SharePoint are controlled by NT (true) or are Active Directory based (false)
f. setDomain – Fully qualified network Domain
g. setEmailFrom – Sender address for all emails generated by the system
h. setInitialEmailSubject – Text to be inserted into the email Subject for email sent in the initial confirmation
i. setInitialEmailMessage – Text to be used as the message body of the initial email sent requesting confirmation
j. setFinalEmailSubject – Text to be inserted into the email Subject for the final email sent indicating that the password has been reset
k. setFinalEmailMessage – Text to be used as the message body in the final email sent indicating that the password has been reset
l. setSMTPServer – SMTP server name to use for outgoing email messages
m. setExcludedListofUsers – List of user logins, separated by semicolon “;” characters, to refuse password reset requests for
Customizing the ASP.NET Applications
Note: This section to be updated for release 2.0 soon.
The Reset Password sample solutions can be customized for your environment using Visual Studio .NET 2003 (SPv2) or Visual Studio .NET 2005 (SPv3). Create a new ASP.Net project, and add the following files to the project depending on which sample application you are customizing.
Email Option Sample Application:
Security Questions Option Sample Application: Typical customization scenarios that can be made are:
• Alter the look and feel of the UI through modifications to the layout of Default.aspx. • Change the reset password process for the Email Option to bypass the confirmation step.
• Include the requirement to validate additional user information before a reset request can be initiated. • Add security to administrator passwords by removing the need for these entries from the config.xml file.
Programmatic Reference
Assembly: Bamboo.DirectoryServices.dll. There are 2 major name spaces in this assembly. 1)
Bamboo.DirectoryServices. This name space contain all the classes to do the actual reset password logic 2) Bamboo.Utility name space contain wrapper classes for Bamboo.Directory Services classes + Email class. Name Space =
Bamboo.DirectoryServices
Major Classes:
1.
Bamboo.DirectoryServices.AdministrativeAccount
: used to Set
administrative account information such as user name, password, logon
domain name. This creates the an object to be used as one of the
parameters of the
2.
Bamboo.DirectoryServices.ResetPasswordServiceBamboo.DirectoryServices.AdministrativeAccount administrativeAccount =
new Bamboo.DirectoryServices.AdministrativeAccount();
administrativeAccount.Domain = this.adminDomain;
administrativeAccount.Password = this.adAdminPassword;
administrativeAccount.UserName = this.adAdminUser;
Domain- If you are using Active Directory, then this field stores the full qualified name of that Active Directory domain. For example: “us.bamboo.com”. If you are using Windows NT to handle your users, then this setting is the machine name.
UserName: AdminUser is a user who has the administrator rights to Active Directory. If you are using Windows NT based user accounts, then the AdminUser is the machine administrator.
Password: The password of the above said AdminUser.
Bamboo.DirectoryServices.ResetPasswordService: This class helps to reset the password of the User which can be either in Active Directory or Windows NT local machine.
Constructors: This class has only one default constructor.
public ResetPasswordService(AdministrativeAccount administrativeAccount, string fullyQualifiedDomainName,string defaultDomain)
This constructor requires 3 parameters.
fullyQualifiedDomainName: For AD it is the domain or subdomain fully qualified domain anme. example qa.bamboo.local. For Window NT local machine then it is the machine name
default domain: Active Directory: Logon domain name of the users that you want to reset password. Example “qa” for qa\user1. Window NT: machine name.
This class implemented these public interfaces. It also has its own public methods.
interface
IResetPasswordService
{
string
ResetPassword(
string
accountName,
bool
mustChangePasswordAtNextLogin,
bool
unlockAccount,
bool
enableIfDisabled,
bool
isExcludeGroup,
ref
string
listGroups);
bool
MustChangePasswordAtNextLogin(
string
accountName,
bool
mustChangePasswordAtNextLogin );
string
GetProperty(
string
accountName,
string
propertyName );
Hashtable GetProperties(
string
accountName,
string
[]
propertyNames );
bool
IsUserInGroup(
string
accountName,
string
listGroups);
bool
IsExistGroup(
string
groupName);
}
public string
ResetPassword(
string
accountName,
bool
mustChangePasswordAtNextLogin,
bool
unlockAccount,
bool
enableIfDisabled,
bool
isExcludeGroup,
ref
string
listGroups); //listGroups: group or user
names to be exlcuded from reset password
bool
MustChangePasswordAtNextLogin(
string
accountName,
bool
mustChangePasswordAtNextLogin ); This method set the flag to force user to
change password in the next login.
string
GetProperty(
string
accountName,
string
propertyName ): Get the
property value of the property name for an AD account. This is used for
Security Questions mode and it is applicable for AD only. Not for NT.
Hashtable GetProperties(
string
accountName,
string
[] propertyNames ); same
as above and return hastable.
public
bool IsUserInGroup(string loginName, string listGroups):
this method
check to see if an account belongs to a AD or NT groups to be excluded. You
can’t reset password for users belong in this group. listgGroups parameters
include the groupnames separated by ‘;”.
public
bool IsExistGroup((
string
groupName): Check to see whether the group
name is indeed in AD domain or NT groups.
public
int CheckExistGroups(string listGroupNames) : Check to see whether
the groups names are indeed in AD domain or NT groups. Return (-1) for false.
public bool HasLicense(): Check to see if the Bamboo.DirectoryServices.dll
has valid license.
This class implement this interface:
public
interface
IResetPasswordComponent
{
string
[] ExcludedUsers{
set
; }
NameValueCollection SecurityAnswers{
set
; }
string
ResetPassword(
string
userName,
string
emailAddress,
bool
mustChangePasswordAtNextLogin,
bool
unlockAccount,
bool
enableIfDisable,
bool
isExcludeGroup,
string
listGroups);
string
ResetPassword(
string
userName,
bool
mustChangePasswordAtNextLogin,
bool
unlockAccount,
bool
enableIfDisable,
bool
isExcludeGroup,
string
listGroups);
}
Sample Codes:
Bamboo.DirectoryServices.AdministrativeAccount adminAccount =
new
Bamboo.DirectoryServices.AdministrativeAccount();
adminAccount.UserName = ADAdminName.InnerText.Trim();
adminAccount.Password = ADAdminPassword.InnerText.Trim();
adminAccount.Domain = ADDomain.InnerText.Trim();
string
[] exUsers = GetExcludedUsers(excludedListofUsers.InnerText.Trim());
System.Collections.Specialized.NameValueCollection securityAnswers =
GetSecurityAnswers();
Bamboo.Utility.IResetPasswordComponent resetPWDCom =
new
Bamboo.Utility.ResetPasswordComponent(adminAccount,
fullDomain.InnerText.Trim(),
this
.defaultDomain.InnerText.Trim());
resetPWDCom.ExcludedUsers = exUsers;
resetPWDCom.SecurityAnswers = securityAnswers;
Class: Bamboo.Utility.Email
Purpose: Helper to send SMTP email. Parameters are self explainatory.
public
EmailHelper(){}
public
void
SendSMTPMail(
string
emailFrom,
string
emailTo,
string
emailCc,
string
emailBcc,
string
emailSubject,
string
emailMessage,
string
Setting File: