Password Changer 2010 creates local profile

Oct 6, 2010 at 5:25 PM

I installed the tools on SharePoint 2010 for the Password Change feature.  It works great, however I noticed that when it changes the password, it creates a local profile on the SharePoint box (under "c:\users" for Win Server 2008).  This means that we could have a LOT of "local" profiles on our SharePoint box even though they are really never used (they can't log in locally on that box.)  In order to keep things "clean", it would be nice if it didn't create those local profiles.  Is there any way to stop it from doing that?

Thanks!

Paul

Coordinator
Oct 6, 2010 at 7:17 PM

Paul

Thanks so much for the feedback.  I am looking into this now.  Do you have any certain steps that you used to replicate the problem?

Oct 7, 2010 at 1:53 PM

Here is what I did.

Added the web part to a page.

Log into the page as a domain user, but a user who has never RDP'd to the MOSS FE.

Change the password successfully.

Once this is done, if you look at the LOCAL profiles on the MOSS FE box, you will see that the user whose password you changed now has a profile.  You can see their profile using the User Manager on the MOSS FE box, or simply browsing to the c:\users directory (for Windows 2008.)

I found another instance (using google) where a user wrote their own asp.net page to allow domain password changes and they found the same thing happened to them.  Their solution wasn't very good though (they modify the machine's local group policy to prevent local logins to the "users" group.)  Here is that link:  http://forums.asp.net/p/1388747/2960923.aspx

Our MOSS FE server is Windows 2008, but this also happened with a 3rd party password changer (not going to mention the name: Bamboo) we used for MOSS 2007 with a W8ndows 2003 FE.  So it isn't a Windows 2008 thing.

If you have a lot of MOSS users and a password policy that requires a forced change, it doesn't take long to have a LOT of "unused" local profiles on your MOSS FE box.

 

Thanks

Paul

Nov 5, 2010 at 1:46 PM

Burke,

Will the B2 that you release next week still create the local profiles on a password change?

Thanks.

Paul

Coordinator
Nov 5, 2010 at 2:15 PM
I haven't had a chance to address that issue and my posts on Microsoft message boards have gone unanswered. My feeling is that beta 2 will contain exactly the same change pwd webpart as beta 1.

On Fri, Nov 5, 2010 at 8:46 AM, pstemper <notifications@codeplex.com> wrote:

From: pstemper

Burke,

Will the B2 that you release next week still create the local profiles on a password change?

Thanks.

Paul

Read the full discussion online.

To add a post to this discussion, reply to this email (adselfservice@discussions.codeplex.com)

To start a new discussion for this project, email adselfservice@discussions.codeplex.com

You are receiving this email because you subscribed to this discussion on CodePlex. You can unsubscribe or change your settings on codePlex.com.

Please note: Images and attachments will be removed from emails. Any posts to this discussion will also be available online at codeplex.com


Nov 5, 2010 at 2:42 PM

Gotcha.  I understand the lack of response on the message boards.  I once (back in early 2009) posted this EXACT same issue up there, and NEVER received a response.  I was writing my OWN sharepoint password change webpart.

I got around the issue back then, but it was not in the most elegant fashion..  If you want more info on how I "worked around" the issue, and why I believe it is happening, we can take it up offline if you desire.

Thanks again.

Paul

Coordinator
Nov 5, 2010 at 2:48 PM
I think this is happening because of the AccountManagement class. I think its just a bug in the class and something Microsoft needs to fix.

It can be done using the old DirectoryServices namespace, but I have had WAY to many people have problems with that particular setup. I have on many occasions considered trying to do this with an win32 API call, but I just haven't gotten around to implementing it.

On Fri, Nov 5, 2010 at 9:42 AM, pstemper <notifications@codeplex.com> wrote:

From: pstemper

Gotcha. I understand the lack of response on the message boards. I once (back in early 2009) posted this EXACT same issue up there, and NEVER received a response. I was writing my OWN sharepoint password change webpart.

I got around the issue back then, but it was not in the most elegant fashion.. If you want more info on how I "worked around" the issue, and why I believe it is happening, we can take it up offline if you desire.

Thanks again.

Paul

Read the full discussion online.

To add a post to this discussion, reply to this email (adselfservice@discussions.codeplex.com)

To start a new discussion for this project, email adselfservice@discussions.codeplex.com

You are receiving this email because you subscribed to this discussion on CodePlex. You can unsubscribe or change your settings on codePlex.com.

Please note: Images and attachments will be removed from emails. Any posts to this discussion will also be available online at codeplex.com


Nov 5, 2010 at 3:15 PM

Ok.  I am assuming that once this is out of Beta, you will be posting the source code again (like you did for 1.x)?  Then maybe I can take the source and modify it to work around this issue.

Just checking as I have not seen any beta source posted yet, but then again I understand why you wouldn't post beta code.

Paul