• No results found

SharePoint Reset Password Web Part

N/A
N/A
Protected

Academic year: 2021

Share "SharePoint Reset Password Web Part"

Copied!
10
0
0

Loading.... (view fulltext now)

Full text

(1)

SharePoint Reset Password Web Part

ASP.Net Sample Guide

Release 2.0 (HW10)

Contents

Overview... 2

 

Installation ... 2

 

Password Reset Setup Program ... 2

 

Installing the Sample Applications... 3

 

Solution Components... 4

 

Email Option: Usage Guide ... 4

 

How Does it Work?... 4

 

Installing the ASP.NET Application... 5

 

Security Questions Option: Usage Guide ... 5

 

Customizing the ASP.NET Applications ... 6

 

Programmatic Reference ... 6

 

About Bamboo Solutions Corporation

Bamboo Solutions Corporation is a software technology provider specializing in hosted, collaborative software solutions built on Microsoft® SharePoint Technology and Services. Our business collaboration solution is designed for clients who need rapid implementation, quick user acceptance and immediate productivity gains. Bamboo Solutions is a privately held company with headquarters in Reston, Virginia.

Bamboo Solutions Corporation 11417 Sunset Hills Road, Suite 105

Reston, VA 20190 store.bamboosolutions.com Copyright © Notice

This document is provided for informational purposes only and Bamboo Solutions makes no warranties, either express or implied, in this document. Information in this document is subject to change without notice. The example companies, organizations, products, people and events depicted herein are fictitious. No association with any real company, organization, product, person or event is intended or should be inferred. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or

otherwise), or for any purpose, without the express written permission of Bamboo Solutions Corporation. Bamboo Solutions may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Bamboo Solutions, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. Published work 2006 Bamboo Solutions Corporation. All rights reserved.

(2)

Overview

The Bamboo Reset Password Web Part product is designed to offer users with two options for setting up a reset password solution in their environments.

• Web Part Mode (See product App Notes) • ASP.NET Application Mode

The first option is to use the Web Part provided with the application installer to handle end user system interaction. This Web Part can be used ‘out of the box’ to provide an end to end reset password solution. Please see the product Application Notes for a detailed guide to using the Web Part based solution. The second product option, which is the focus of this document, is to configure the solution to provide end user interaction through custom web pages. This second method allows for precise control over the end user experience and may be preferable in some environments.

There are two sample ASP.NET applications provided with the product download. The first contains a sample that uses e-mail based confirmation to facilitate a password reset. The second sample uses a password reset model driven by online security questions.

Sample pages and code files are written in C# using Visual Studio .NET. The source files can be used: “as-is” as a prepared solution, as a customization starting point, or as a reference guide for developing ones own custom web pages. This document is intended to help users setup and use of the sample projects. It also provides background documentation related to how the Reset Password core utility interfaces are exposed.

Installation

The two Bamboo Reset Password sample applications can be installed by running their respective setup routines from the main product setup page. .

Password Reset Setup Program

Before you begin, you need to make sure you have access to the server and your account must have the appropriate administrative privileges to install applications.

The Password Reset Setup program provides links to the various installation components for Password Reset. These components include the Bamboo License Manager as well as the Application Notes.

To access the Password Reset Setup program:

1. Unzip the contents of your product download. Be sure that all files and subfolders are selected to be extracted.

2. The folder hierarchy contains a file at the root of the extraction folder named “Setup.bat”. It also contains the following folders:

o \doc – Contains a HTML-based version of the product Application Notes. o \msi – Contains the product installation executables.

o \cab – Contains the cabinet files that can be used for manual installs.

3. Find the Setup.bat file located at the root of the extraction folder. 4. Double-click this file to launch the setup page.

5. The setup page contains links to the various product components under the Components header in the left margin. Click on any of these links to view a description of the component in the right text area of the page. Most of the installs you can launch with a single click of the Install button that appears beneath the component description.

(3)

Installing the Sample Applications

To install a Password Reset Sample Application, from the Password Reset Setup program, click the either the Password Reset Sample ASP.Net Application – Email Option or the Password Reset Sample ASP.Net Application – Security Questions Option component and then click the Install button. You can install both sample applications on the same server, but you will need to run each installation routine separately.

NOTE: The Setup program automatically detects the version of SharePoint or WSS on which you are installing the sample application and displays the component button for the appropriate installation programs. In other words, if you are installing the sample applications on WSS 3.0 or Office SharePoint Server 2007 then only the component installs for Password Reset for WSS 3.0 are displayed.

The setup of each sample application will follow the same installation steps. The following instructions will show screen shots from the Email Option sample application. The Security Questions Option sample application install will follow the same installation steps.

Once the setup routine is launched, you will be presented with a welcome screen. Simply click the Next button to begin.

(4)

The next step of the installation process will prompt to specify the Site under which the sample application will be created, and it will ask for you the name of the Virtual Directory to create beneath the site. Once this

information has been entered, then click the Next button to continue.

You will receive a confirmation window (not pictured) and will need to click the Next button again to initiate the install. When the installation is complete, an installation summary window will be displayed (also not pictured). Please confirm the successful installation and simply click the Finish button to close the installation routine. If desired, follow the same set of steps to install the second sample application.

Solution Components

Note: This section to be updated for release 2.0 soon.

Email Option: Usage Guide

Note: This section contains information that may or may not need to be updated for release 2.0. These document changes will take place soon.

How Does it Work?

A user navigates to the Reset.aspx page and receives a simple UI requesting entry of their user name and email address. A Submit button click from this form then calls the core Bamboo.Utility.ResetPassword object constructor and makes a call to sendInitialEmail. This will result in an initial confirmation email being sent to the email address of the account requesting the password reset. The confirmation email will contain a hyperlink back to the

Reset.aspx page to confirm that indeed the reset password request originated from an authorized source and is still desired. Upon receipt of the user confirmation (by clicking on the email hyperlink), a call is made on the server to the sendFinalEmail method. This causes the password to be reset to a randomly generated value that is then sent back to the user in a second (and final) email message. The password reset process is considered complete and the user can log into their SharePoint portal using the new password.

(5)

Reset.aspx

User Name: Email:

Submit

Bamboo.Utility.dll

ResetPassword

Constructor: public ResetPassword(string Domain,string AdminUser,string AdminPassword,string SharepointAdminUser,string SharepointAdminPassword)

public void sendInitialMail(string emailID,string Username, string CurrentURL,string SMTPServer,string EmailFrom)

public void sendFinalMail(string emailID,string Username,string SMTPServer,string EmailFrom)

Http:

New Password

Page_Load event Authenticate Admin Credentials

Page_Load event (Admin credentials are re-authenticated here too.)

Installing the ASP.NET Application

1. Install the sample application as described in the preceding section. 2. Modify XML settings file config.xml using a text editor

a. setADAdminName – Login account of the Active Directory Administrator b. setADAdminPassword – Login password of the Active Directory Administrator c. setSPAdminUser – Login account of a SharePoint Administrator

d. setSPAdminPassword – Login password of the SharePoint Administrator account

e. setNTDomain – (true/false) Boolean value indicating whether user accounts used in SharePoint are controlled by NT (true) or are Active Directory based (false)

f. setDomain – Fully qualified network Domain

g. setEmailFrom – Sender address for all emails generated by the system

h. setInitialEmailSubject – Text to be inserted into the email Subject for email sent in the initial confirmation

i. setInitialEmailMessage – Text to be used as the message body of the initial email sent requesting confirmation

j. setFinalEmailSubject – Text to be inserted into the email Subject for the final email sent indicating that the password has been reset

k. setFinalEmailMessage – Text to be used as the message body in the final email sent indicating that the password has been reset

l. setSMTPServer – SMTP server name to use for outgoing email messages

m. setExcludedListofUsers – List of user logins, separated by semicolon “;” characters, to refuse password reset requests for

(6)

Customizing the ASP.NET Applications

Note: This section to be updated for release 2.0 soon.

The Reset Password sample solutions can be customized for your environment using Visual Studio .NET 2003 (SPv2) or Visual Studio .NET 2005 (SPv3). Create a new ASP.Net project, and add the following files to the project depending on which sample application you are customizing.

Email Option Sample Application:

Security Questions Option Sample Application: Typical customization scenarios that can be made are:

• Alter the look and feel of the UI through modifications to the layout of Default.aspx. • Change the reset password process for the Email Option to bypass the confirmation step.

• Include the requirement to validate additional user information before a reset request can be initiated. • Add security to administrator passwords by removing the need for these entries from the config.xml file.

Programmatic Reference

Assembly: Bamboo.DirectoryServices.dll. There are 2 major name spaces in this assembly. 1)

Bamboo.DirectoryServices. This name space contain all the classes to do the actual reset password logic 2) Bamboo.Utility name space contain wrapper classes for Bamboo.Directory Services classes + Email class. Name Space =

Bamboo.DirectoryServices

Major Classes:

1.

Bamboo.DirectoryServices.AdministrativeAccount

: used to Set

administrative account information such as user name, password, logon

domain name. This creates the an object to be used as one of the

parameters of the

2.

Bamboo.DirectoryServices.ResetPasswordService

Bamboo.DirectoryServices.AdministrativeAccount administrativeAccount =

new Bamboo.DirectoryServices.AdministrativeAccount();

administrativeAccount.Domain = this.adminDomain;

administrativeAccount.Password = this.adAdminPassword;

administrativeAccount.UserName = this.adAdminUser;

Domain- If you are using Active Directory, then this field stores the full qualified name of that Active Directory domain. For example: “us.bamboo.com”. If you are using Windows NT to handle your users, then this setting is the machine name.

UserName: AdminUser is a user who has the administrator rights to Active Directory. If you are using Windows NT based user accounts, then the AdminUser is the machine administrator.

Password: The password of the above said AdminUser.

Bamboo.DirectoryServices.ResetPasswordService: This class helps to reset the password of the User which can be either in Active Directory or Windows NT local machine.

Constructors: This class has only one default constructor.

public ResetPasswordService(AdministrativeAccount administrativeAccount, string fullyQualifiedDomainName,string defaultDomain)

This constructor requires 3 parameters.

(7)

fullyQualifiedDomainName: For AD it is the domain or subdomain fully qualified domain anme. example qa.bamboo.local. For Window NT local machine then it is the machine name

default domain: Active Directory: Logon domain name of the users that you want to reset password. Example “qa” for qa\user1. Window NT: machine name.

This class implemented these public interfaces. It also has its own public methods.

interface

IResetPasswordService

{

string

ResetPassword(

string

accountName,

bool

mustChangePasswordAtNextLogin,

bool

unlockAccount,

bool

enableIfDisabled,

bool

isExcludeGroup,

ref

string

listGroups);

bool

MustChangePasswordAtNextLogin(

string

accountName,

bool

mustChangePasswordAtNextLogin );

string

GetProperty(

string

accountName,

string

propertyName );

Hashtable GetProperties(

string

accountName,

string

[]

propertyNames );

bool

IsUserInGroup(

string

accountName,

string

listGroups);

bool

IsExistGroup(

string

groupName);

}

public string

ResetPassword(

string

accountName,

bool

mustChangePasswordAtNextLogin,

bool

unlockAccount,

bool

enableIfDisabled,

bool

isExcludeGroup,

ref

string

listGroups); //listGroups: group or user

names to be exlcuded from reset password

bool

MustChangePasswordAtNextLogin(

string

accountName,

bool

mustChangePasswordAtNextLogin ); This method set the flag to force user to

change password in the next login.

string

GetProperty(

string

accountName,

string

propertyName ): Get the

property value of the property name for an AD account. This is used for

Security Questions mode and it is applicable for AD only. Not for NT.

Hashtable GetProperties(

string

accountName,

string

[] propertyNames ); same

as above and return hastable.

public

bool IsUserInGroup(string loginName, string listGroups):

this method

check to see if an account belongs to a AD or NT groups to be excluded. You

can’t reset password for users belong in this group. listgGroups parameters

include the groupnames separated by ‘;”.

public

bool IsExistGroup((

string

groupName): Check to see whether the group

name is indeed in AD domain or NT groups.

public

int CheckExistGroups(string listGroupNames) : Check to see whether

the groups names are indeed in AD domain or NT groups. Return (-1) for false.

public bool HasLicense(): Check to see if the Bamboo.DirectoryServices.dll

has valid license.

(8)

This class implement this interface:

public

interface

IResetPasswordComponent

{

string

[] ExcludedUsers{

set

; }

NameValueCollection SecurityAnswers{

set

; }

string

ResetPassword(

string

userName,

string

emailAddress,

bool

mustChangePasswordAtNextLogin,

bool

unlockAccount,

bool

enableIfDisable,

bool

isExcludeGroup,

string

listGroups);

string

ResetPassword(

string

userName,

bool

mustChangePasswordAtNextLogin,

bool

unlockAccount,

bool

enableIfDisable,

bool

isExcludeGroup,

string

listGroups);

}

Sample Codes:

Bamboo.DirectoryServices.AdministrativeAccount adminAccount =

new

Bamboo.DirectoryServices.AdministrativeAccount();

adminAccount.UserName = ADAdminName.InnerText.Trim();

adminAccount.Password = ADAdminPassword.InnerText.Trim();

adminAccount.Domain = ADDomain.InnerText.Trim();

string

[] exUsers = GetExcludedUsers(excludedListofUsers.InnerText.Trim());

System.Collections.Specialized.NameValueCollection securityAnswers =

GetSecurityAnswers();

Bamboo.Utility.IResetPasswordComponent resetPWDCom =

new

Bamboo.Utility.ResetPasswordComponent(adminAccount,

fullDomain.InnerText.Trim(),

this

.defaultDomain.InnerText.Trim());

resetPWDCom.ExcludedUsers = exUsers;

resetPWDCom.SecurityAnswers = securityAnswers;

Class: Bamboo.Utility.Email

Purpose: Helper to send SMTP email. Parameters are self explainatory.

public

EmailHelper(){}

public

void

SendSMTPMail(

string

emailFrom,

string

emailTo,

string

emailCc,

string

emailBcc,

string

emailSubject,

string

emailMessage,

string

(9)

Setting File:

<

dynamicvariables

>

<!--

Indicating whether user accounts used in SharePoint are controlled by

NT (true) or are Active Directory based (false)

-->

<

setNTDomain

>

false

</

setNTDomain

>

<!--

BEGIN User accounts used in SharePoint are controlled by NT

-->

<

setNTServerName

>

yourNTservername

</

setNTServerName

>

<!--

Sharepoint Admin User Account Information This account should have

access to read the site user collection

-->

<

setSPAdminUser

>

SPAdministrator

</

setSPAdminUser

>

<

setSPAdminPassword

>

SPAdminPassword

</

setSPAdminPassword

>

<!--

End NT Account Information

-->

<!--

BEGIN AD Administrator Information

-->

<!--

Login account of the Active Directory Administrator

-->

<

setADAdminName

>

ADAdministrator

</

setADAdminName

>

<!--

- Password of the ActiveDirectory Administrator

-->

<

setADAdminPassword

>

ADAdminPassword

</

setADAdminPassword

>

<!--

- Logon Domain of the ActiveDirectory Administrator

-->

<

setADAdminLogonDomain

>

domain

</

setADAdminLogonDomain

>

<!--

END AD Administrator Information

-->

<!--

BEGIN AD Domain/SubDomain Information

-->

<!--

Full Qualified Domain

-->

<

setFullyQualifiedDomainName

>

YourFullyQualifiedDomainName

</

setFullyQualifiedD

omainName

>

<!--

Deafult Logon Domain Name for Users in this domain or subdomain

-->

<

setDefaultLogonDomainName

>

DefaultDomain

</

setDefaultLogonDomainName

>

<!--

END AD Domain/SubDomain Information

-->

<!--

Web Serivce URL

-->

<

setWebServiceURL

>

http://yourmachine/_vti_bin/UserGroup.asmx

</

setWebServiceUR

L

>

<!--

Force Change Password on Next Login (True/False)

-->

<

setForceChangePassword

>

false

</

setForceChangePassword

>

(10)

<

setUserNameHelperText

>

domain\username

</

setUserNameHelperText

>

<!--

Exclude groups or Exclude users (True/False)

-->

<

setExcludeGroup

>

false

</

setExcludeGroup

>

<!--

List of Excluded Users seperated by semicolon

-->

<

setExcludedListofUsers

></

setExcludedListofUsers

>

<!--

BEGIN EMAIL PROPERTIES

-->

<!--

SMTP Server Name

-->

<

setSMTPServer

>

mail

</

setSMTPServer

>

<!--

Valid Email Id

-->

<

setEmailFrom

>

administrator@yourdomain.com

</

setEmailFrom

>

<!--

Initial Email Subject

-->

<

setInitialEmailSubject

>

Reset Password

Confirmation

</

setInitialEmailSubject

>

<!--

Initial Email Message

-->

<

setInitialEmailMessage

>

A request has been made to reset your password.

If you have not made such a request, then please notify your system

administrator.

</

setInitialEmailMessage

>

<!--

Final Email Subject

-->

<

setFinalEmailSubject

>

Password Reset Complete

</

setFinalEmailSubject

>

<!--

Final Email Message

-->

<

setFinalEmailMessage

>

Your password has been successfully

reset.

</

setFinalEmailMessage

>

<!--

END EMAIL PROPERTIES

-->

References

Related documents

This password meets all the security requirements because it is at least 8 characters long; contains at least one uppercase letter, one digit, and one special character; and does

If you registered with your email address, click the Request Password link on the Login page to reset your password (see the Reset Your Password section for more information).. If

• Right-click the folder you wish to remove from your Favorites, and click Remove from Favorites4. NOTE: DO NOT Delete the folder as it will be deleted from

For that, open SharePoint site and go to Anonymous Access settings page (Site Actions  Site Permissions  Anonymous Access). In &#34;Anonymous Access&#34; section, specify

1. Password reset applications such as password synchronization or helpdesk applications. If a password is reset for a certain user in a certain application, integration

In the Pomcor file-repository application the password is used as part of the user’s login credentials, which also include the user ID and the repository name, as described in

password in active directory windows server 2008 28106 reset password macbook no cd Tuc6HioT windows administrator password 3tMY5W8g reset password on windows 7 0mns reset

administrator password windows xp reset apple id password for imessage how to reset windows 7 password with a usb flash drive reset password snow leopard download passware