Forum Discussion
JoeTheFifth
Altostratus
AltostratusReset forgotten user password iRule = Sideband
Hi Guys,
Just discovered the sideband technique. I'm looking into crafting an irule to reset a user password in Active directory. I'm using APM to get the user loginname. BigIP LTM 11.5.4.
Here ...
JoeTheFifthAltostratus
AltostratusMy plan:
- Build a lightweight IIS web site on my Web Server
- Add code (C sharp) to reset password and Set the 'Change Password at next logon' based on a string (username) received in the query example :
- Create an irule to perform a sideband connection => send the username and get a success result
- go on with the APM policy if result is OK.
- User will get a random password and will be asked to change it by APM on next logon
What do you guys think?
Daniel_W__13795
Nimbostratus
NimbostratusI recommend you to use cert based authentication to secure the link between F5 and IIS. This is the most secure way and easy to implement. You will find a good cookbook here: https://medium.com/@hafizmohammedg/configuring-client-certificates-on-iis-95aef4174ddb
You will then need to attach the client certificate on the server SSL profile of the sideband VS.
Good luck