I'm having a peculiar problem. First of all the asp:LoginName displays the Email instead of the signed username.
This is the way I used to create a new user:
MembershipUser newUser = Membership.CreateUser(sAlias, sPassword, sEmail);
Also when I check the value of
System.Web.HttpContext.Current.User.Identity.Name
and also
System.Threading.Thread.CurrentPrincipal.Identity.Name
they both contain the Email instead of the username.
Login I can perform regularly, no problem.
Any ideas? Thanks a lot.
What do you see when you check the value of:
Membership.GetUser().UserName
Just an idea, that might be useful. If that doesn't help, I'll try to see what I can do tomorrow, because I have to go to bed now. :)
Related
I need a functionality to change umbraco member password programatically.user can add their new password in the field I had set on umbraco node.and when they publish the node new password will come in effect.I had find a way to change current password to given one
member.ChangePassword(oldPassword, password);
But this requires oldpassword to work.and I cant provide it as user has already changed old password in the umbraco node.then I tried to get old password programatically.
string theUserPassword = Membership.GetUser(username).GetPassword();
but this also throws an error
Password Retrieval Not Enabled.
Is there any way to get old password programatically?Or Am I going in the wrong direction?
Umbraco uses the Microsoft Membership Provider.
You probably have set the property "EnablePasswordRetrieval" to false.
If you don't know the password but need to change it, you can reset the password bij using the ResetPassword method.
I know this is an old post and an answer has already been accepted, but you can actually achieve what the OP wants to do by using the return value of the ResetPassword method for the oldValue parameter of the ChangePassword method:
member.ChangePassword(member.ResetPassword(), "New Password")
This allows you to change the password for a user to a specific value without knowing their existing password.
Another option to an old question:
I am using Umbraco 7.2.4 and here is how I change the password.
var member = Services.MemberService.GetByUsername("username");
Services.MemberService.SavePassword(member, "new password");
Where "Services.MemberService" is from ApplicationContext.Current.Services.MemberService.
The first line of code is where you get the member for which you want to change the password. This can also be done by email or id.
Services.MemberService.GetByEmail("email")
Services.MemberService.GetById(id)
The second line is where you change the password. It is automatically hashed.
Thanks for your help on this.
I've got an ftp site and web tools (vb.net) that manage the files in the site.
The ftp site and the tools use AD groups (intranet) to check permissions.
Some directories are restricted, some not so much.
On the download tool I'm using:
My.Computer.Network.DownloadFile(urlPath, userProfileLocal & fileNameLab.Value, domainNameHid.Value, "", True, 60000, True, FileIO.UICancelOption.DoNothing)
urlPath might equal ftp://ftp.net/foo/bar/myfile.zip
For the userProfileLocal I'm trying to use Dim userProfileLocal As String = Environment.GetEnvironmentVariable("USERPROFILE") & "\documents"
fileNameLab.Value is pre-populated in a hidden input and is the file name
domainNameHid.Value is pre-populated and would look something like DOMAIN\jimmmy
I'm keeping the password value blank since I'm hoping to use AD.
I found this which says I should be using ICredentials in place of the username and password, but I'm having toubles implementing the ICredentials part, and not even sure if this is correct.
The rest I think is accounted for.
I keep getting the error Access to the path 'C:\Windows\system32\config\systemprofile' is denied.
First, that's not the path I was going for. I was hoping that GetEnvironmentVariable("USERPROFILE") & "\documents" would create the path to the documents folder... Is there a better way to do this? Why can't one just be prompted to browse to a location or a default location be used?
Second,... well, second would have to do with how I don't have perms to download to my own disk. But if the firstly can be solved, then I think this will too.
I think my AD requirements are mucking up the works for what should be a simple task. Can someone point me in the right direction for an example of ICredentials (if that's what I need) or else let me know what I'm doing wrong here?
I just wanted to respond and let those who are looking know that I found an answer.
Instead of the code used above, I ended up using the following:
Dim mydocsdir = Environment.GetFolderPath(Environment.SpecialFolder.MyDocuments)
Response.AppendHeader("Content-Disposition", "attachment; filename=" & fileNameLab.Value)
Response.Clear()
Response.WriteFile(Path.Combine(mydocsdir, fileNameLab.Value))
This worked like a charm.
I need to write a special thanks to Darin Dimitrov who provided an answer in another post. His answer was actually the simple answer I thought it could be... but my VB.Net experience, while little now, is still growing.
I am still searching StackOverFlow as well as the innertubes but have not found an example of what I need to do.
If an user has forgotten their password and they correctly answer their reminder question, the user is shown two form fields for entering a new password; Not Emailing or displaying a random generated password.
If the user calls the support center, an admin can change the password, the reminder question and the answer.
Thanks,
James
just use this code:
var user = Membership.GetUser(username);
user.ChangePassword(user.ResetPassword(), newPassword);
this simply first resets the password and then changes it to the new password, you don't need to know the reseted intermediate password
I have an interesting problem, I am writing a password management webpage/service and I am trying to find a way to determine when a user's password is going to expire so I can manually reset their other passwords with it and send out an email, etc.
The problem I'm having is that when trying to loop through my users I'm getting the bulk of them not having a pwdlastset attribute so I can't determine when it's going to expire.
So I guess I am looking for ideas on a good way to check for when a user's password is going to expire aside from using the pwdlastset property and calculating the time left.
Thanks a bunch.
It's actually quite a bit more complicated than you might think at first...
in order to know how long a password can be valid, you need to read a "domain policy" and find out that way
Then:
if the user has the "UF_DONT_EXPIRE_PASSWD" flag set in his "userAccountControl", his password will never expire
if the "pwdLastSet" value (a "ADSLargeInteger" or Int64 value, which is rather tricky to read in the first place) is 0, the user will have to change his password the next time he logs on
if the "pwdLastSet" value is -1, the password has never been set
only if none of the above are true, then the "pwdLastSet" value contains the date when the password was last set, to which you can add the "MaxPasswordAge" from the domain policy, and this will give you the date when the user's password is going to expire
Phew! Did you think it would be this tricky? :-)
Marc
PS: If you're serious about .NET based AD programming, you ought to have this book:
The .NET Developer's Guide to Directory Services Programming
The book contains all the goodies like determining user's password expiration dates, determining user account lockout state and much much more - highly recommended! Joe and Ryan did an outstanding job getting all this information together and explaining it so that even an average Joe programmer like myself can understand it :-)
As far as I know, if pwdlastset is zero or missing, the user is either required to change their password at the next logon or their account is setup with a non-expiring password. Could this be the cause of what you are seeing?
Here's another approach:
public static DateTime GetPasswordExpirationDate(UserPrincipal user)
{
DirectoryEntry deUser = (DirectoryEntry)user.GetUnderlyingObject();
ActiveDs.IADsUser nativeDeUser = (ActiveDs.IADsUser)deUser.NativeObject;
return nativeDeUser.PasswordExpirationDate;
}
You'll need to add a reference to the ActiveDS COM library typically found at C:\Windows\System32\activeds.tlb.
I use a membership in asp.net 2008. And I build a login system with some rolls ...etc
I have a database and tables and the KEY is "username", and now I want to know how can I get a username for the member who logged in ?
for example:
I logged in as TURKI
I want to get the username TURKI
really I need for help...
thanks,
User.Identity.Name
User is a property of the page. If you need to access it elsewhere, you can use:
HttpContext.Current.User.Identity.Name
A modification to Freddy's answer when using MVC - had to use:
HttpContext.User.Identity.Name
Slight change but figured I would post it in case anyone else trying to do this in MVC hits the same snag.
Context.User.Identity.Name
you can use the Membership.GetUser() method described here:
http://msdn.microsoft.com/en-us/library/system.web.security.membership.getuser.aspx
also, if you do get the MembershipUser you could also get the 'ProviderUserKey' which uniquely identifies a user, possibly using that as your FK for your tables, that way your user can have their username updated without having to change all the keys in your tables.