這邊有一個 KB 說明得很仔細。
大致上的步驟為:
1.IIS 管理員中在預設的網站上手動新增 IISADMPWD 虛擬目錄,並對應到 %systemroot%\System32\Inetsrv\Iisadmpwd ,給予讀取及指令碼執行權限。
2.另外,如果不開啟 SSL 功能(預設使用SSL),需要執行以下指令
cscript adsutil.vbs set w3svc/1/PasswordChangeFlags 1
安裝完成後,如果 Group Policy 套用使用者下次變更密碼時,IIS 6 遇到整合型驗證就會導向以下網址:
如果有發現變更密碼後,出現
此處需要物件時。
有可能為 iispwchg.dll 未正確註冊,只要手動註冊就 OK (可以參考這份KB)
regsvr32 c:\windows\system32\inetsrv\iisadmpwd\iispwchg.dll
當然,微軟是不推薦、不鼓勵這種變更密碼的方式,如果專案有需要時,可以適時考慮。長期的作法仍是登入 windows 後變更密碼較為安全。
****
RESOLUTION
To create the IISADMPWD virtual directory, follow these steps:
In the Internet Services Manager Microsoft management Console (MMC), expand Web Sites, right-click the Default Web Site, select New, and then select Virtual Directory.
When the Virtual Directory Creation Wizard starts, follow the instructions to create the virtual directory with the alias IISADMPWD. Point the path to the local %systemroot%\System32\Inetsrv\Iisadmpwd directory. For the Access Permissions allow both Read and Run Script privilages.
To set the PasswordChangeFlags value in the IIS metabase, do the following:
From a command prompt browse to the C:\Inetpub\Adminscripts directory.
Type adsutil.vbs, and then press the ENTER key. If this is the first time that Adsutil.vbs has been run, you may get error messages stating that Cscript is not registered. Follow the prompts and choose Yes to register Cscript.
Type adsutil.vbs set w3svc/1/PasswordChangeFlags [value].
w3svc/1 represents the Default Web Site and [value] can be set to one of the following options:
0 - SSL connection required
1 - Password changing allowed on non-secure ports.
2 - Password changing disabled.
3 - Password changing disabled. (Undocumented)
4 - Advance notification of password expiration disabled.
Users should now be able to change their Local Account password by visiting:
http[s]://[server address]/iisadmpwd/aexp2.asp
Or their Domain Account password by visiting:
http[s]://[server address]/iisadmpwd/aexp2b.asp
Where "s" exists in an SSL connection and "server address" is either the host name or unique IP address of the server.
Technorati tags:
IIS 6,
IISADMPWD,
IISPWD