Our company, Efficience, setup Microsoft SharePoint 2010 Server for our internal website. We use this for our corporate communications, project and product management. We rely heavily on SharePoint. We also have employees that are in Pondicherry, India who connect to the SharePoint server. As the defacto Systems Administrator in the office, I try to leverage RDP for administering user connections to servers, etc. However, as most admins will attest, I do not want anyone having remote desktop access to Active Directory. For this reason, we created the AD Change Password web part.
I spent a few days combing through the web to find a reasonably priced web part to install that met our needs. I found them to range between $495 and $1200. Granted, some of them had more whistles and bells than was needed, but none fit our simple requirement: allow users to log in to SharePoint and change their AD password.
So, we finished up with a web part that meets are requirement.
The web part is simple:
1) a three field form
2) a label control wired to the current user to display their name and
3) a submit button
To make the connections to the LDAP provider (Active Directory), we added the tool part pane which can be changed based on the environment variable inputs. Simply, edit the web part once it's on the page, provide the:
- LDAP Address (example: servername.domain.local)
- Service Account Name : needs to have privileges to talk to the LDAP provider.
- Service Account Password : not "Secret"!