I am using ADSI to allow users to change WinNT4 via a web browser. The
webpage used NTLM authentication
The problem is this...
If i log on as myself (administrator), the script executes and the users
password is updated.
If i log on as a user, i get an error message 80070005 (access is denied)
however...the password is updated anyway !!.
If the user does not have access to change the password, why does the
password change anyway ? if they do have permission, why do i get an error
being generated ?
Script is as below
oldpass = request.form("oldpass")
newpass = request.form("newpass")
username = request.form("username")
On Error resume next
Set UserObj = GetObject("WinNT://domain/computer/" & username & ",user")
UserObj.ChangePassword oldpass, newpass
If err then
If hex(err) = 80070056 then
Response.write "Password not changed, Old password is incorrect"
elseif hex(err) = 80070005 then
Response.write "Password changed , Access is denied"
Response.write "Password Change Was Not Successful" & "Error:" &
response.write "Pasword successfully changed"
Set UserObj = Nothing