Password Change Page: Change the default page of Password Change page to aexp2b.asp instead of aexp.asp

  • Article

Objective:

Redirect the default iisadmpwd virtual directory’s page to aexp2b.asp page instead of aexp.asp

-- Customer wanted to display the domain name label and text box populated in the password change page (same page when we try to browse aexp2b.asp page), when he was getting redirected to password change pages, when the user’s password was expired.

-- By default the iisadmpwd (password change) virtual directory takes to the page, which **by default** does not display the domain label and text box, to populate the domain name. Here is the snap-shot

Figure 1

image

-- This is indicated by the following entry in the Metabase.xml file (C:\WINDOWS\system32\inetsrv\iisadmpwd)

AuthExpiredURL="/iisadmpwd/aexp.asp"

Why customer wanted this?

-- Their users might be confused to just add Username instead of Domain\Username, if Username field alone is populated in the password change page.

-- So cust wanted the following page, which would have the domain field populated. Following is the snap-shot, which shows the domain field as well displayed. This is the snap-shot from aexp2b.asp page

Figure 2

image

Resolution:

To achieve this:

-- Went ahead and changed the path in IIS metabase to the following as cust wanted to display the aexp2b.asp page (same as figure 2)

AuthExpiredURL="/iisadmpwd/aexp2b.asp"

-- We can set it via the command prompt.

C:\Inetpub\AdminScripts>cscript adsutil.vbs get w3svc/AuthExpiredURL

Microsoft (R) Windows Script Host Version 5.6
Copyright (C) Microsoft Corporation 1996-2001. All rights reserved.

AuthExpiredURL : (STRING) "/iisadmpwd/aexp.asp"

 

C:\Inetpub\AdminScripts>cscript adsutil.vbs set w3svc/AuthExpiredURL "/iisadmpwd/aexp2b.asp"

Microsoft (R) Windows Script Host Version 5.6
Copyright (C) Microsoft Corporation 1996-2001. All rights reserved.

AuthExpiredURL : (STRING) "/iisadmpwd/aexp2b.asp"

--Do an iisreset.

-- After this when users password expires and they are redirected to password change page, they would **BY DEFAULT** be taken to aexp2b.asp page instead of aexp.asp page(once the above change is done).

 

More Information:

-- Here are the default settings for our iisadmpwd Virtual Directory in the Metabase.xml. For more details check the KB-833734

passwordchangeflags is set to 1 if we want to browse the VD on https://

passwordchangeflags is set to 0 if we want to browse the iisadmpwd on https://

-- In Metabase.xml file following is the default entries for the iisadmpwd setting.

AuthChangeURL="/iisadmpwd/achg.asp"

AuthExpiredURL="/iisadmpwd/aexp.asp"

AuthExpiredUnsecureURL="/iisadmpwd/aexp3.asp"

AuthNotifyPwdExpURL="/iisadmpwd/anot.asp"

AuthNotifyPwdExpUnsecureURL="/iisadmpwd/anot3.asp"

 

HTTPS Request:

-- So **BY DEFAULT** when anyone browses to website with account, whose password is about to expire, he/she would **BY DEFAULT** be taken to aexp.asp page on https://.

-- Following is the Metabase entry

AuthExpiredURL="/iisadmpwd/aexp.asp"

-- Tested that and in IIS logs got the following entries when we browse it on https://

<Date> 22:25:37 W3SVC1 127.0.0.1 GET /time.asp - 443 - 127.0.0.1 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+SV1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 401 2 2148074254

<Date> 22:25:46 W3SVC1 127.0.0.1 GET /iisadmpwd/aexp.asp <URL> 443 - 127.0.0.1 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+SV1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 200 0 0

 

HTTP Request:

-- On https://, they are **BY DEFAULT** taken to aexp3.asp. Following is the Metabase entry

AuthExpiredUnsecureURL="/iisadmpwd/aexp3.asp"

-- Following is the IIS logs entry.

<Date> 22:10:34 W3SVC1 127.0.0.1 GET /time.asp - 80 - 127.0.0.1 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+SV1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 401 2 2148074254

<Date> 22:10:59 W3SVC1 127.0.0.1 GET /iisadmpwd/aexp3.asp <URL> 80 - 127.0.0.1 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+SV1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 200 0 0

-- Went ahead and changed the path in IIS metabase to the following as cust wanted to display the aexp2b.asp page. More details are explained above under Resolution Section.

AuthExpiredURL="/iisadmpwd/aexp2b.asp"

 

-- After following the Resolution section above got the following entries in IIS logs.

-- Following is the entry in IIS logs

<Date> 23:12:39 W3SVC1 127.0.0.1 GET /time.asp - 443 - 127.0.0.1 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+SV1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 401 2 2148074254

<Date> 23:12:47 W3SVC1 127.0.0.1 GET /iisadmpwd/aexp2b.asp <URL> 443 - 127.0.0.1 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+SV1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727) 200 0 0