1. Introduction
BoostSolutions Password Reset is a simple yet highly-featured web part that lets users reset their password right on their SharePoint page without having to contact IT or administrator. Resetting a password can be done right on the web part or through an email confirmation.
Please note: anonymous access must be activated to use Password Reset web part.(See the best practice)
2. Create and Set Up Password Reset for a Domain
Go to Central Administration > BoostSolutions Software Management > Password Reset Settings
Once on Password Reset page, click “Create new password reset setting”
There are two kinds of Authentication Types – Windows Authentication and Form Based Authentication.
2.1. Setting up Windows Authentication
Setting up Windows Authentication Password Reset is quite simple and easy to understand. If all information is set up properly, you may Test the connection and see that it will confirm that it is valid. (See below)
However, if information is not correct, an error message will prompt you when you click the Test button.
2.1.1. Security Questions
Refer to the figure above as each function in the Security Questions tab is explained:
1. Enable Security Questions – checking this box means that resetting password involves answering security question(s).
2. Basic Setting – indicate the maximum number of security question(s) user could define. Maximum number of security question allowed is 3. A prompt would appear if you’ve exceeded the maximum number of security questions allowed.
3. Password Receive Type – users would receive their password reset code via email or straight on the web part.
4. Custom Security Questions – besides the default security questions you set that users can use from; ticking the box means users can formulate their own password reset security question.
2.1.2. Email Settings
1. Reset Password via E-mail – ticking this box lets the user choose to reset his password via an email that contains a confirm link to reset his password.
2. Alternative Email – enabling this feature let users input their alternative email just in case the default email is also locked out. Administrator may choose to force the user to input an alternative email where the password reset details would be sent to.
2.2. Setting up Form Based Authentication
Password Reset also can reset the password of users in form authentication (Based on SQL server), but Password Reset settings depend on the configuration of the form authentication.
On Central Administration > BoostSolutions Software Management > Password Reset Settings
Unlike Windows Authentication, it only supports one (1) security question.
But other features are same as Windows Authentication settings.
3. Basic Uses of Password Reset
Sample Scenario: Administrator has already set up the Password Reset, so users need to set up their Password Reset settings.
3.1. Setting up Password Reset
A user may set his/her Password Reset settings on the Account Settings:
If a user has not yet set up his/her Password Reset settings, there’s a popup on the corner right hand side of their web page constantly reminding the user to set his Password Reset preferences.
Click the Manage Password Reset Settings, and we will be directed to My Password Reset Settings page.
1. User must confirm his identity by typing in his/her password. Password is compulsory or else it will not confirm your settings.
2. Depending on the administrator’s settings, the user may choose to set up his/her own security question, otherwise the user must choose from the dropdown menu of available preset security questions.
3. Also depending on the administrator’s settings, an alternative email may be set up in case the AD email is also locked out.
Click OK to confirm everything and My Password Reset settings is saved.
3.2. Resetting Password
Sample Scenario: User jane is locked out of her computer. Assuming she has properly set up her Password Reset; here, we would show how to retrieve her password through BoostSolutions Password Reset.
A Password Reset web part is available on the home page. On the web part, Jane must input her domain and username.
A prompt would ask Jane if she wants her password reset via a Security Question or via Email Address.
a) Let us test out the Via Security Question first. Upon clicking the radio button, a prompt would ask Jane to answer the security question she has previously set up.
If her answer is correct she answers the security question and click Next, a new password will be displayed and will prompt the user to sign in with the new password.
b) On the other hand, we will also show you how the via Email Address works.
After clicking the Via Email Address radio button, it will prompt you to confirm that the password reset be sent to your email, click Next and the new password will be sent to your email.
It is important that you set up the Password Reset SMTP settings to make sure you are able to send emails with the new password.
4. The Best Practice to Use the Password Reset
Note:The environment in this exampleis based on Windows Server 2008 R2, SharePoint 2010, IIS 7.5 and BoostSolutions Password Reset 1.3.
4.1. Problem
Password Reset Web Part is designed to reset password if users forgot their password or their password are expired. But in general, users who don't know the password cannot login the SharePoint site even though the Password Reset web part is added in a SharePoint page. The big challenge is that the SharePoint web sites don't allow anonymous access by default.
4.2. SharePoint Anonymous Access
Note:We didn't configure following settings automatically in our product because it will change the security settings. Please make sure you understand the meaning of following operation.
In order to access the web page for the users which don't know their password, you have to enable the SharePoint anonymous access, and by default it is closed for security reason. SharePoint supports anonymous access control in different level. And Farm administrator, site administrator and list administrator could decide if enable the anonymous access in the web application, site and list level. And you can only make the anonymous user access the Password Reset page to protect your data which stored in the SharePoint.
4.3. Make the BoostSolutions Password Reset Accessiable
4.3.1. Configure the SharePoint Anonymous Access
1. Enter the Web Application Management page through SharePoint 2010 Central Administration ->Application Management ->Manage web applications.
2. Click the web application which needs the password reset in the web application list and click the Authentication Providers ribbon button to enter the Authentication Providers setting page.
3. Click the Zone which the password reset will work in (In general, it's the Default) and enter the Edit Authentication page.
4. Check the checkbox in the Enable anonymous access to enable it. And logout from the SharePoint 2010 Central Administration.
5. Enter the SharePoint site which need the password reset, and enter the permission setting page via Site Actions -> Site Permissions menu.
6. Click the Anonymous Access ribbon button to open the anonymous access settings.
7. Check the Lists and Libraries options and click OK.
The Entire Web site options means all lists and items could be accessed by the anonymous users in this SharePoint site.
And the Lists and Libraries options means the anonymous usercannot access the data in list or libraries unless it is configured in lists (libraries).
4.3.2. BoostSolutions Password Reset Page
BoostSolutions Password Reset supplies a special page in the product folder, which contains a password reset. You can access the page through
http://<siteurl>/_layouts/BoostSolutions.PasswordReset.PL/AnonymousWebpartPage.aspx
You can send this link to your users when they need to reset password or use following step to configure the 401 redirect.
BoostSolutions default Password Reset page only contains the Password Reset control to reset password. It maybe cannot fit you SharePoint theme. It's written by the standard aspx Page and you can customize it though any editor.
Besides, you can also add our Password Reset Web Part to a custom Web Part page, and enable anonymous access for this page. You can use this page as your password reset page.
4.3.3. Use the 401 Error Page to Redirect Automatically (optional)
If you configure the 401 redirect settings in the web.config file in a site, users which login failed will be redirected to the password reset page automatically.
1. Run the IIS Manager via Start ->Administrative Tools ->Internet Information Services (IIS) Manager Right click the site (It maps to a SharePoint Web Application) in the site tree and click Explore to open root folder of this site.
2. Create a loginfailed.html in this folder and add a link to the password reset page. (click here to download loginfailed.zip ).
3. Use any xml editor or text editor to open the web.config file. (Before doing this, you'd better make a copy for it).
4. Use the search tool to find the httpErrors node. And change it as following image. You can replace the path to any web page you want to redirect to.
5. Save the web.config file and close the editor.
6. Login in to your SharePoint site
Enter a wrong password when the web browser prompt you log in and click OK, the web browsers will give you another login prompt again because you login failed. And then click Cancel, the web browsers will show the loginfailed.html.
7. You need to repeat the step 1 – 7in each WFE (Web Front End) server and Application server.
Top
