Password resets via Remote Desktop Web Access


We’re all familiar with the monthly password reset – a prompt from Windows that your password has expired, enter your new password twice and you’re done for another month. But what if your Windows domain is only accessible from Remote Desktop Web Access? If you allow your password to expire, you’re locked out! Fortunately Microsoft have a page called password.aspx that allows you to reset your password from the web browser. It’s disabled by default, but I’ll show you how to enable it and how to edit your login page to link to it.

Enabling the password reset page

Enabling the password.aspx page involves editing an application setting in IIS. If you’re working with Windows server 2012/2012 R2, this setting will already exist. If you’re working with 2008 R2, you’ll need to create the setting. The setting is called PasswordChangeEnabled and can be found under Default Web Site/RDweb/Pages > Application Settings. Set the value of this setting to ‘true’.

Application settings

You can achieve this with the following PowerShell code snippet:

$webconfig = 'C:\Windows\Web\RDWeb\Pages\Web.config'
$doc = (Get-Content $webconfig) -as [Xml]
$obj = $doc.configuration.appSettings.add | where {$_.Key -eq 'PasswordChangeEnabled'}
if ($obj.value -eq 'false') {
   $obj.value = 'true'
   }
$doc.Save($webconfig)

Note: If you’re working with Server 2008 R2, you’ll need to reboot.

Password.aspx will be created under c:\Windows\Web\RDWeb\Pages\en-us\. Users can now browse to /Rdweb/Pages/en-us/password.aspx to change their password, but wouldn’t it be nice if they had a link to reset their password on the login page?

Adding a link to the Login page

If you’ve already edited the login page to apply your own branding, you’ll be familiar with the layout of the login.aspx page. I find the best place to drop a link is immediately beneath the username and password fields.

Search for the following code:

<table width=”300″ border=”0″ cellpadding=”0″ cellspacing=”0″>
<tr>
<td width=”130″ align=”right”><%=L_PasswordLabel_Text%></td>
<td width=”7″></td>
<td align=”right”>
<label><input id=”UserPass” name=”UserPass” type=”password” runat=”server” size=”25″ autocomplete=”off” /></label>
</td>
</tr>
</table>
</td>
</tr>

Now drop the following code immediately beneath it:

<br>
<tr>
<td align=”right”>
<a href=”password.aspx” target=”_blank”>Click Here</a> to reset your password.
</td>
</tr>

Your login page will now look like this:

 

login

This is what the password reset page looks like to the user:

Reset password

 

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s