unosquare / passcore

A self-service password management tool for Active Directory
https://unosquare.github.io/passcore/
MIT License

Restricted groups #684

Open gleb-lazis opened 1 year ago

gleb-lazis commented 1 year ago

PassCore Server

Hello! The way groups are handled has changed, but in the new version the verification is skipped, so administrators can change the password. Setting "UseAutomaticContext": false doesn't work: the password is still changed using the current user.

appsettings.json: { "Logging": { "IncludeScopes": false, "LogLevel": { "Default": "Debug", "System": "Information", "Microsoft": "Information" } }, "WebSettings": { "EnableHttpsRedirect": true }, "AppSettings": { "UseAutomaticContext": false, "RestrictedADGroups": [ "IT-SuperAdmin", "IT-Adminl" ], "AllowedADGroups": [ "Allow" ], "IdTypeForUser": "SAM", "UpdateLastPassword": true, "LdapSearchBase": "OU=Users, OU=DC, DC=domain, DC=local", "LdapSecureSocketLayer": true, "LdapStartTls": false, "LdapChangePasswordWithDelAdd": true, "LdapSearchFilter": "(sAMAccountName={Username})", "LdapHostnames": [ "dc1.domain.local", "dc2.domain.local" ], "LdapPort": 636, "LdapUsername": "user@domain.local", "LdapPassword": "xxxxxxxx", "DefaultDomain": [ "domain.local" ] }, "ClientSettings": { "ValidationRegex": { "EmailRegex": "^[a-zA-Z0-9.!#$%& ^^y*+/=?^_{|}~-]+@[a-zA-Z0-9-]+(?:\.[a-zA-Z0-9-]+)*$", "UsernameRegex": "^[a-zA-Z0-9._-]{3,20}$" }, "UsePasswordGeneration": false, "MinimumDistance": 0, "PasswordEntropy": 16, "ShowPasswordMeter": true, "MinimumScore": 0, "Recaptcha": { "SiteKey": "", "PrivateKey": "", "LanguageCode": "en" }, "UseEmail": "false", "ApplicationTitle": "Change Account Password | Self-Service Account Management Tools", "ChangePasswordTitle": "Change Account Password", "ChangePasswordForm": { "HelpText": "If you are having trouble with this tool, please contact IT Support", "UsernameLabel": "Username", "UsernameHelpblock": "Your organization's email address", "UsernameDefaultDomainHelperBlock": "Your organization's username", "CurrentPasswordLabel": "Current Password", "CurrentPasswordHelpblock": "Enter your current password", "NewPasswordLabel": "New Password", "NewPasswordVerifyLabel": "Re-enter New Password", "NewPasswordVerifyHelpblock": "Enter your new password again", "ChangePasswordButtonLabel": "Change Password" }, "ErrorsPasswordForm": { "FieldRequired": "This field is required", "UsernamePattern": "Please enter a valid username", 
"UsernameEmailPattern": "Please enter a valid email address", "PasswordMatch": "Passwords do not match" }, "Alerts": { "SuccessAlertTitle": "You have changed your password successfully.", "SuccessAlertBody": "Please note it may take a few hours for your new password to reach all domain controllers.", "ErrorPasswordChangeNotAllowed": "You are not allowed to change your password. Please contact your system administrator.", "ErrorInvalidCredentials": "You need to provide the correct current password.", "ErrorInvalidDomain": "You have supplied an invalid domain to logon to.", "ErrorInvalidUser": "We could not find your user account.", "ErrorCaptcha": "Could not verify you are not a robot.", "ErrorFieldRequired": "Fulfill all the fields.", "ErrorFieldMismatch": "The passwords do not match.", "ErrorComplexPassword": "Failed due to password complex policies: New password length is shorter than AD minimum password length", "ErrorConnectionLdap": "Unhandled error connecting to the LDAP server.", "ErrorScorePassword": "The password you are trying to set is not secure enough.", "ErrorDistancePassword": "The password you are trying to set is not diferent enough of your last password.", "ErrorPwnedPassword": "The password you are trying to use is publicly known and can be used in dictionary attacks." } } }

Help me please