Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Add the ability to change account passwords from the web app #112

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
jackbuehner merged 7 commits into from
Jul 27, 2025
Merged

Add the ability to change account passwords from the web app #112

jackbuehner merged 7 commits into from
Jul 27, 2025

Conversation

@jackbuehner
Copy link
Collaborator

@jackbuehner jackbuehner commented Jul 27, 2025
edited
Loading

This PR adds the ability to change account passwords from the web interface. This is especially helpful for when login fails because a password has expired or an administrator has forced a user to change their password before they can sign in.

  • On login.aspx, error messages describing the need to change a password now include a link to the password change page.
  • When signed in, the profile menu now shows an option to change a password.
  • A new page at password.aspx now allows you to enter a username, old password, and new password. It first attempts to find the directory entry for a user and change the password. If that fails, it falls back to using principal contexts. If that fails, an error message is shown.

This feature does not work if a user does not have the ability to change their password directly. It will also not work if the raweb application pool does not have permission to access user principals or directory entries and change their passwords.

This is not implemented with NetUserChangePassword from netapi32.dll because it would require the application process to run with increased permissions. Additionally, in my testing, even when input passwords were correct, it always gave error 86 (ERROR_INVALID_PASSWORD).

Resolves #100.

Install

Run as an administrator in PowerShell to install this branch:

iwr -UseBasicParsing install.raweb.app/preview/jackbuehner/password-change | iex

Checklist

  • Local account
  • Domain account

Screenshots

image image image image

@jackbuehner jackbuehner added the enhancement New feature or request label Jul 27, 2025
@jackbuehner jackbuehner self-assigned this Jul 27, 2025
@jackbuehner jackbuehner marked this pull request as ready for review July 27, 2025 00:31
@jackbuehner jackbuehner merged commit fb73a8f into kimmknight:master Jul 27, 2025
@jackbuehner jackbuehner deleted the password-change branch July 27, 2025 01:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@jackbuehner jackbuehner

Labels

enhancement New feature or request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Feature request: Change user password via RAweb

1 participant

@jackbuehner