Is it possible for our Windows domain users to reset their own NT password at Windows 7 login screen?
To clarify, we have a corporate network with lots of Windows 7 users. When they forget their passwords, rather than calling IT Support, could they be prompted to answer some security questions, to ultimately reset their own password?
Best Answer
The answer here, is Yes. And here's how.
I have read, read and then re-read, Dan Griffith's MSDN article on creating Custom Login Experiences.
I then downloaded the Microsoft Credential Providers samples, which are C++ sample projects that demonstrate how to use the Windows log-in Credential Providers for Vista and above.
Modified the sample wrapper application such that I've added a 'Forgot your password' link to the native log on screen.
Made the 'Forgot your password' call off to a C# application that communicates securely with an internal service that communicates with Active Directory to reset the password, following a series of user-specific questions.
Easy. Well, not quite. But straight forward in many ways.