unosquare / passcore Goto Github PK
View Code? Open in Web Editor NEWA self-service password management tool for Active Directory
Home Page: https://unosquare.github.io/passcore/
License: MIT License
A self-service password management tool for Active Directory
Home Page: https://unosquare.github.io/passcore/
License: MIT License
This works great with one exception. It does change the password (confirmed) but instead of a success page as expected, I get a error: Error Information: The specified network password is not correct. (Exception from HRESULT: 0x80070056)
Running on a 2012r2 server with the latest patches.
Not sure if it is checking the password twice or its not happening fast enough?
Any help would be appreciated. This is a great app!
Jamee
When trying to access the password.yourdomain.com over the VPN, the website is only showing the passcore logo. It is unable to load the default page. The site is working internally. Please help me in modifying the page to access through VPN
Module IIS Web Core
Notification Unknown
Handler Not yet determined
Error Code 0x80070003
Config Error Cannot read configuration file
Any one else run into this issue?
Please add Password Reset Option as well through which users can reset their forgotten passwords by answering security questions.
Would it be very hard to send the user back to the site he came from after password change was successful and X delay?
Hi,
I'm getting this error when I attempt to change a password.
I'm also after some more information about how the application actually does the password change please - what permissions are required, etc?
Hello everyone.
The application was working for 10 days without problems.
But then I get the following error and searching the Internet says it is an upgrade.
These updates are not installed on my Windows Server 2012r2 (my domain is Windows Server 2012r2)
**** Error Information: The system cannot contact a domain controller to service the authentication request. Please try again later. (Exception from HRESULT: 0x800704F1)
So to start, please know that I'm an IIS noob. Hand me an .htaccess file and some PHP code in Apache and I can move mountains. But IIS and ASP... I am so lost.
I think the issue is with the httpPlatformHandler. But first, let me give you my setup:
Here's what I'm running:
Here's what I did:
Here's what I get:
I get a web page that does load, but it is giving me a "HTTP Error 502.3 - Bad Gateway"
This page contains other nuggets of information like:
Everytime I browse to the website, I get 10 Errors in the Windows Application Log that read:
(each time the port number changes to some other random number)
After the tenth Error, I get an Information message that reads:
I tried disabling all firewalls, same result.
I tried rebooting about two dozen times, same result.
I tried uninstalling and reinstalling the httpPlatformHandler about three times, same result.
Googling various error messages and error codes brought me into the depths of httpPlatformHandler hell, with most of the results being tailored to the developers of applications, not end users, so I really wasn't 100% certain I understood what I was reading half the time. I found myself at sites like:
aspnet/Hosting#364
and
dotnet/aspnetcore#1000
and
aspnet/IISIntegration#45
I got the idea from one of those posts to set "stdoutLogEnabled" to true in the web.config file. All that does, however, is create additional warnings in the Application log that read "Could not create stdoutLogFile ?\C:\inetpub\logs\stdout_2852)201682445931.log. ErrorCode = -2147024891."
In a move of sheer desperation, I gave "Everyone" full rights to the inetpub directory. It started to create the stdout error log files, but unfortunately, they were all empty.
(I have since removed the Everyone permission and changed the stdoutLogEnabled flag back to false.)
Since I don't think this is a PassCore problem and more of an httpPlatformHandler issue (or a "I don't know what I'm doing and shouldn't be given sharp objects" issue), I don't know if anyone here can really help. But if anyone knows or understands what I'm talking about and can at the very least point me in the direction of a place or post that can shed some light on what I might possibly be doing wrong, I'd very much appreciate it.
Thank you.
Having issues just getting the page to load.
I get the same issue as in #1, but am unable to use online commands.
I have downloaded from nuget directly and used dnvm to update locally. It seems to have possible resolved.
I now get "failed to initialize runtime 0x"
So we stop people from using their last two passwords, and when someone does try to use their a previous password, instead of telling them its not allowed due to the policy, it says this " There was an error changing your password
Error Information: The system cannot contact a domain controller to service the authentication request. Please try again later. (Exception from HRESULT: 0x800704F1)"
Is there anyway to change that error message to reflect the true nature of what the issue is? Otherwise, the product works as expected.
Thanks!
hi
i download the files and installed and when i try to browse the site my browser is write loading..with
red icon and nothing hapend.
please your help
thanks
dan
Hi all,
As a lot of companies I have some people that work at home or international, so I got the problem to permit the password reset.
I'd to try passcore and it seemed to be very usefull until my issue.
I've followed all the installation howto and it was ok
I've created a user to test it, I reset the password and it was ok.
But at the second tried to reset the password I got an error.
This issue appeared for all created users that I've tested.
error message:
"There was an error changing your password
Error Information: An error occurred while sending the request."
Did someone get the same issue? And almost did someone know how to resolve it?
Thanks in advance for your help!
Hello.
Installation with README went ok and app is working as main app. But I need it to integrate it with my current app working with one ssl cert. After adding app as subfolder I get only:
PassCore logo
Powered by PassCore v2.0.2.beta.2 - OSS and MIT Licensed
Copyright © 2016 Unosquare
Is it possible to install app as subfolder of default site?
Hi, I apologize if this is a simple fix but I have searched for awhile and I cannot seem to find a solution. The first issue I had is the one that your link predicted (error 500.19, where you correct it by unlocking the section in the configuration editor), however now I have the second issue where the page loads indefinitely. I think their fix would solve it but I think I am implementing it incorrectly. I am wondering if you might assist.
Error: Unable to load application or execute command 'Microsoft.AspNet.Server.Kestrel'. Available commands: web.
System.NotSupportedException: An attempt was made to load an assembly from a network location which would have caused the assembly to be sandboxed in previous versions of the .NET Framework. This release of the .NET Framework does not enable CAS policy by default, so this load may be dangerous. If this load is not intended to sandbox the assembly, please enable the loadFromRemoteSources switch. See http://go.microsoft.com/fwlink/?LinkId=155569 for more information.
at System.Reflection.RuntimeAssembly.nLoadFile(String path, Evidence evidence)
at System.Reflection.Assembly.LoadFile(String path)
at Microsoft.Dnx.Runtime.Loader.LoadContext.LoadFile(String assemblyPath)
at Microsoft.Dnx.Runtime.Loader.PackageAssemblyLoader.Load(AssemblyName assemblyName, IAssemblyLoadContext loadContext)
at Microsoft.Dnx.Runtime.Loader.PackageAssemblyLoader.Load(AssemblyName assemblyName)
at Microsoft.Dnx.Host.LoaderContainer.Load(AssemblyName assemblyName)
at Microsoft.Dnx.Host.DefaultLoadContext.LoadAssembly(AssemblyName assemblyName)
at Microsoft.Dnx.Runtime.Loader.AssemblyLoaderCache.GetOrAdd(AssemblyName name, Func`2 factory)
at Microsoft.Dnx.Runtime.Loader.LoadContext.LoadAssemblyImpl(AssemblyName assemblyName)
at Microsoft.Dnx.Runtime.Loader.LoadContext.ResolveAssembly(Object sender, ResolveEventArgs args)
at System.AppDomain.OnAssemblyResolveEvent(RuntimeAssembly assembly, String assemblyFullName)
I tried installing dnx by getting dnvm and then doing dnvm upgrade -r clr. I tried setting system-wide environment variables to no avail. Can you assist possibly? Should I be using a version of DNX or should I only be using the items that I unzipped? Oh, I'm running windows server 2012.
I have tested on Server 2008 R2 (IIS 7.5, .NET 4.5.2) and 2012 (IIS 8.5, .NET 4.5.2). dnvm version 1.0.0-rc1-update2, all packages installed to location specified in docs. Also, Windows Firewall is disabled, and I'm running under a privileged user for testing.
Loading the site hangs until timeout. Logs and failed request traces do not show anything of note ( to my eyes). I can load the app by running the startup script (%passcore-root%\approot\web), which allows me to connect on localhost:5000 and shows incoming requests in the shell.
It seems that httpplatformhandler (v1.2) is not correctly proxying requests to the application.
Just getting a blank page waiting for ever in browser. Have run the DNX command manually to see what's going wrong and getting the below details - which don't mean much to me.
D:\Program Files\PassCore\approot>"D:\Program Files\PassCore\approot\runtimes\dn
x-clr-win-x86.1.0.0-rc2-16357\bin\dnx.exe" --project "D:\Program Files\PassCore
approot\src\Unosquare.PassCore.Web" --configuration Debug web > test.log
Error: Unable to load application or execute command 'Microsoft.AspNet.Server.Ke
strel'. Available commands: web.
System.NotSupportedException: An attempt was made to load an assembly from a net
work location which would have caused the assembly to be sandboxed in previous v
ersions of the .NET Framework. This release of the .NET Framework does not enabl
e CAS policy by default, so this load may be dangerous. If this load is not inte
nded to sandbox the assembly, please enable the loadFromRemoteSources switch. Se
e http://go.microsoft.com/fwlink/?LinkId=155569 for more information.
at System.Reflection.RuntimeAssembly.nLoadFile(String path, Evidence evidence
)
at System.Reflection.Assembly.LoadFile(String path)
at Microsoft.Dnx.Runtime.Loader.LoadContext.LoadFile(String assemblyPath)
at Microsoft.Dnx.Runtime.Loader.PackageAssemblyLoader.Load(AssemblyName assem
blyName, IAssemblyLoadContext loadContext)
at Microsoft.Dnx.Runtime.Loader.PackageAssemblyLoader.Load(AssemblyName assem
blyName)
at Microsoft.Dnx.Host.LoaderContainer.Load(AssemblyName assemblyName)
at Microsoft.Dnx.Host.DefaultLoadContext.LoadAssembly(AssemblyName assemblyNa
me)
at Microsoft.Dnx.Runtime.Loader.AssemblyLoaderCache.GetOrAdd(AssemblyName nam
e, Func`2 factory)
at Microsoft.Dnx.Runtime.Loader.LoadContext.LoadAssemblyImpl(AssemblyName ass
emblyName)
at Microsoft.Dnx.Runtime.Loader.LoadContext.ResolveAssembly(Object sender, Re
solveEventArgs args)
at System.AppDomain.OnAssemblyResolveEvent(RuntimeAssembly assembly, String a
ssemblyFullName)
i have issue with this error: There was an error changing your password
Error Information: Exception has been thrown by the target of an invocation.
where to enable log file to see where it stops?
i have double checked all instructions, edited appsettings.json and no succcess
I followed the instructions carefully and this is the error you get when you pull up the server. Any ideas?
Windows 2012 R2 clean install including all windows updates.
This configuration section cannot be used at this path. This happens when the section is locked at a parent level. Locking is either by default (overrideModeDefault="Deny"), or set explicitly by a location tag with overrideMode="Deny" or the legacy allowOverride="false".
Hello
First of all congratulations for the work done.
Second, I would like to use your project in my company.
My company is a government company, so I wanted to ask if we are entitled to change your home Page of the application?
and if you can help in this regard.
via file AppSetting.Json I could change some things but I was interested to change also the place PassCore and put it in the bottom of the page and add the location of our company.
It also adds some interest to the LINKS page.
Can you tell us how we can proceed.
I'm a systems engineer and I do not mean that much of the Web application
Thank you in advance
Hola Mario,
I'm the BigFrodo guy here and the reason I was digging around and googling your issue original is that my organisation runs PassCore that was set up by a previos tech with no documentation and is now spitting out the above error (Unknown error (0x8000500c)) whenever the user submits the password. After upgrading to PassCore v2.0 it's still the same error message but much prettier
After a proper google-fu I believe I somehow overlooked this fix before and I'll report back if it works. Until then I thought I'd leave the link here in case any other hapless techs like myself encounter it and are looking for answers in the passcore issues log.
Multiple domain support in PassCore would be a useful feature. Without multiple domain support, is it possible to configure more than one instance of PassCore as independent applications beneath a single IIS website instance so that, for example, website/domain1 and website/domain2 could be independently configured with UseAutomaticContext set to false and explicit domain information and credentials?
I installed, editd the config for my ldap info. Page loads, no matter who i try to change. i get
There was an error changing your password
Error Information: The user name or password is incorrect.
Again, must change password is NOT checked for my users.
EDIT. I changed "UseAutomaticContext": true, (it was false)
and now i get this error
There was an error changing your password
Error Information: The specified network password is not correct. (Exception from HRESULT: 0x80070056)
Hello,
Any chance you would be considering putting an unlock ability too into this?
Regards,
When I try to change a password, I get an error:
" There was an error changing your password
Error Information: Logon failure: unknown user name or bad password."
I've tried changing the server in the appsettings.json to the DC and it does the same thing. Any suggestions? I've already checked our firewall and the traffic is getting to the DC fine.
There is any option to set up by default the domain in the username field in any place ?
so only write the username in the box without the full domain
Any way to make this in packaging setup? Like even maybe run on its own lightweight web servers, etc. 1 Single click install will be great !!
sample - http://zwamp.sourceforge.net/
Hi,
First of all, thank you very much for a nice project.
After setting up PassCore, it works fine to change the password (as long you type in valid data).
I have an issue in case the user types in the old password wrong or a user that doesn't exist.
There's no error message shown. Basically nothing happens, the screen stays the same as before you press "Change Password".
Kind Regards
Per
I have an implementation on an AD controlled domain where the users cannot change their passwords if they have expired or if the account is set to change password at next login. Is there a setting in the application I am missing to get this to work?
Tim
My company domain account is limited log on to with their computer.
When I change password with passcore, I have issue :
The password change operation failed with the following message: The system detected a possible attempt to compromise security. Please ensure that you can contact the server that authenticated you. (Exception from HRESULT: 0x800704F1)
Hello,
I have installed the passcore tool on a IIS Webserver.
But i get only the header of the website and "Loading...".
I have done every step of the instruction. What can i do to solve this issue?
kind regards
I'm using PassCore 2.0.2.Beta.2 in a domain environment. I have a default configuration where UseAutomaticContext = true
.
I'm seeing an error message displayed "Error Information: The system cannot contact a domain controller to service the authentication request. Please try again later. (Exception from HRESULT: 0x800704F1)" when trying to change a password but falling foul of GPO enforced password requirements.
When "following the password rules" I can change my password. However, I get this message when trying to set a password that's too short, or that doesn't have a sufficient number of different character groups, or that is contained within the password history.
Looking around, it seems that that this may be Known Issue 2 at https://support.microsoft.com/en-us/kb/3177108 but there is no obvious solution offered by Microsoft in that article.
Any thoughts please?
Lastly, I really appreciate you putting in the work to deliver this updated version of PassCore (we've been using your previous one for a year or so). Thank you.
how to define the input password length, so keep the domain policy settings are consistent.
Is there a way to require a minimum password strength?
If a user has the "User must be changed at next logon" attribute set, they get the "You need to provide the correct current password" error. Is this application capable of setting passwords in this scenario?
If so, what needs to be done to allow this.
Thanks
Hi.
Do you have any plan to add multilingual support to passcore?
Hi,
Sorry if I'm dumb and do not understand this ASP/JS stuff (I'm a Linux/Python guy), but can I get a redirection to an URL after a successful password change ?
I can't see how to do this from the documentation or the code.
Thx for your help,
Charles
I've tried many variations of the PasswordChangeOptions. PassCore always comes back with "There was an error changing your password. Error Information: You need to provide the correct current password." No files are created in the PassCore\logs directory even though I have the Logging set to Verbose. I know that I'm typing the right password because I can use it to login to the network. I've gone through the troubleshooting steps several times. I've reinstalled several time. Since this application has so many dependencies, it might be nice to have some sort of test tool or error logs. I'd like something to tell me what needs to be fixed.
Hi, thanks for the work.
When i tryed to change a password, I always get the same error:
There was an error changing your password
Error Information: The password does not meet the password policy requirements. Check the minimum password length, password complexity and password history requirements. (Exception from HRESULT: 0x800708C5)
But the password policy requirements is meeted. I double checked it manually.
Any idea ?
Where can I find an uninfected zip copy of PassCode 2 that's not infected with malware?
The flavor available at https://github.com/unosquare/passcore/releases/download/v2.0.0/passcore-2.0-2016-01-24.zip is infected (see www.virustotal.com, SHA256: 892f4574ea0001ae49fb9dc01cbf174d315979b6dbe3a06c434cde725e38d710, passcore-2.0-2016-01-24.zip, Detection ratio: 2 / 54.
passcore-master.zip, source code ??, is not reported as infected.
Regards,
Good morning!
Awsome product and works pretty good so far! Thank you, you just saved me a awfull lot of work.
But, we are a french college, I want to translate the display text. Could you give me a pointer of where to look? Also after it is translated, are you interested in having it?
Thank you.
i gonna be direct in the question.
there is a option to enable the reset password if anyone don't know the last password ?
I think this may help users getting this thing up and running without much trouble.
it took me a while to get things to run and I went through the entire issue list, and compiled steps into integrating all the solutions, i'm pretty sure (90%) that this should cover all the problems.
thank you to all the contributors before me (too many to name) for this list. please review and let me know if this works along the same path, there are some detours, but I think it will be as complete as possible.
Installation Instructions for passcore:
[Assuming you've downloaded the latest zip]<<
1 - Unblock the zip (properties > unblock)
2 - unpack into any directory
3 - Install IIS + IIS Application Development Tools (all but CGI)
4 - Install a self signed personal certificate with the name of the website (eg. password.mydomain.com)
5 - Install HttpPlatformHandler from Web Platform Installer --> http://www.iis.net/downloads/microsoft/httpplatformhandler
6 - Install .Net Framework 3.x, 4.x (Server Features may have this as well) --> http://www.microsoft.com/en-us/download/details.aspx?id=42643
7 - Verify and install powershell version 4.0 is installed (in powershell $PSVersionTable.PSVersion)
8 - Install Visual C++ 2013 Redist --> http://www.microsoft.com/en-us/download/details.aspx?id=40784
9 - Run powershell as admin: $Branch='dev'; iex ((new-object net.webclient).DownloadString('https://raw.githubusercontent.com/aspnet/Home/dev/dnvminstall.ps1'))
10 - while in elevated powershell -> cd %passcore_home%/approot/src/Unosquare.passcore.web/ ; dnu restore
a - if dnu restore does not work, run "dnvm install latest" first (then go back to item 9)
11 - [OPTIONAL IF TESTING NEWLY CREATED USERS] - Ensure password min policy is set to 0 days: GPO_name\Computer Configuration\Windows Settings\Security Settings\Account Policies\Password Policy
a - https://technet.microsoft.com/en-us/library/hh994570%28v=ws.11%29.aspx
12 - Create the Application Pool in IIS: Find Application Pools and Right Click > add application pool
a - name: passcore application pool
b - .net CLR version: no managed code
c - managed pipeline: integrated
d - start immeidately: unchecked
13 - Right Click the application pool > advanced settings
a - start mode: alwaysrunning
b - idle time-out: 0 << never idles
c - OK
14 - Go back to IIS manager and create a new site
a - Right click sites > add website
b - Site name: passcore website
c - application pool: select the created application pool: passcore application pool
d - physical path: find the path to the unzipped directory > wwwroot (not the parent directory)
e - binding: (type) https / (ip address) All UnAssigned / (port) 443
f - ssl cert: select the self signed cert that was created in option 4
15 - cd %passcore_home%/approot/src/Unosquare.passcore.web/; edit > appsettings.json
Edit the following:
"AppSettings": {
"RecaptchaPrivateKey": "",
"PasswordChangeOptions": {
"UseAutomaticContext": false, << change to false
"LdapHostname": "", << hostname of ad server
"LdapPort": 389,
"LdapUsername": "", << admin user name
"LdapPassword": "" << admin password
16 - (re)start the application pool and website
17 - browse to https://
a - if browsing does not work: cd into approot/src/Unosquare.passcore.web/ then run: dnvm install -u
b - restart iis: iisreset
c - try again.
let me know if this list works -- it builds into the fact that the user has not installed iis or anything, so it really takes you in from scratch.
again thanks for all the contributors previous to me=)
In reference to this issue: #21
I hope I correctly opened a new issue instead of commenting on issue 21.
I have an issue that I'm not sure the cause of. I have replaced PasswordControllr.cs with adalfa's and used the powershell script by jkberry on the service account used in appsettings.json.
Can anyone think of what I am doing wrong / what is going on?
If "UseAutomaticContext" is set to false:
If "UseAutomaticContext" is set to true:
after passwort change the Roaming Profile was created on the webserver. Its possible to change password without create roaming profile on web server.
Hi! Is it possible to add http to https redirect in app?
I try all rewrite IIS rules but it have no effect, app did not load whis redirect rule.
Installed and got running. However trying to change the first password gives me this error:
"There was an error changing your password
Error Information: The system cannot contact a domain controller to service the authentication request. Please try again later. (Exception from HRESULT: 0x800704F1)"
I had this issue with a different password manager as well. It seems MS did some shifting around on their changing password policies with a MS update. see https://support.microsoft.com/en-us/kb/3177108
Any ideas?
Hi,
got passcore working today, nifty little tool, works as advertised for users who do not have access to a desktop to change password.
One question - Is adding support for SMS or Email passwords something under consideration? For example if a user has a mobile stored in AD then you could generate a password and SMS it to them using a gateway. This would help for situations where the user doesn't actually know their password and so cannot enter the old password to reset it.
Thanks again for a great tool, Chris
Thank a lot for making this application, This is exactly what I needed.
Is it possible that you can add functionality that allows users to change/update their user fields in Active Directory on their own. For Example: telephone, department, title, manager etc. This will help us to keep the Active directory updated. There are no such application available in market for free.
Regards,
Waqas Ahmed
[email protected]
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.