Edited the readme.txt

2026-03-10 06:35:10 +00:00
parent b90c201d52
commit f66aea0178
1 changed files with 243 additions and 1 deletions
--- a/README.txt
+++ b/README.txt
@@ -1 +1,243 @@
-Modern UI with edited Paths for the Reverse Proxy.
+# IISADMPWD – Active Directory Password Change Portal for Modern Windows Server
 This project restores the classic **IISADMPWD password change functionality** on modern Windows Server versions (2008/2012/2016/2019/2022+) and provides a slightly modernized UI.
 It allows domain users to **change their Active Directory password through a web portal**.
 Microsoft deprecated this feature after **IIS 6**, so it is no longer available in clean Windows Server installations. This repository provides the required files and instructions to restore the functionality.
 ## Features
 - Active Directory password change via web UI
 - Compatible with modern Windows Server versions
 - Works behind reverse proxies such as Caddy, Nginx, and Traefik
 - Updated UI with a more modern look
 - Lightweight, with no external dependencies
 - No visible internal IIS path required for end users
 ## Architecture Example
 ```text
 User
 │
 ▼
 https://password.example.com
 │
 ▼
 Reverse Proxy (Caddy / Nginx / Traefik)
 │
 ▼
 IIS Server
 /reset-password
 ```
 External users only see:
 ```text
 https://password.example.com
 ```
 The internal IIS path remains hidden.
 ## Installation
 ### 1. Copy the files
 Copy the repository contents to your IIS server:
 ```text
 C:\inetpub\wwwroot\reset-password
 ```
 The folder structure should look similar to:
 ```text
 reset-password
 ├─ aexp2.htr
 ├─ aexp2b.htr
 ├─ aexp3.htr
 ├─ aexp4b.asp
 ├─ achg.asp
 ├─ achg.htr
 ├─ iisadmpwd.htr
 └─ iispwchg.dll
 ```
 ### 2. Register the password change DLL
 Open an **elevated command prompt** and run:
 ```cmd
 regsvr32 C:\inetpub\wwwroot\reset-password\iispwchg.dll
 ```
 You should receive a success message similar to:
 ```text
 DllRegisterServer in iispwchg.dll succeeded
 ```
 ### 3. Enable password change functionality
 Navigate to the IIS AdminScripts directory:
 ```cmd
 cd C:\Inetpub\Adminscripts
 ```
 Then run:
 ```cmd
 cscript adsutil.vbs set w3svc/passwordchangeflags 0
 ```
 #### PasswordChangeFlags values
 | Value | Description |
 |------:|-------------|
 | 0 | Default – password changes enabled |
 | 1 | Allow password changes without SSL |
 | 2 | Disable password change |
 | 4 | Disable password expiration notifications |
 Recommended value:
 ```text
 0
 ```
 ### 4. Enable Classic ASP
 This application requires **Classic ASP**.
 Install the feature using PowerShell:
 ```powershell
 Install-WindowsFeature Web-ASP
 ```
 Or via **Server Manager**:
 ```text
 Web Server
 → Application Development
 → Classic ASP
 ```
 ### 5. Create the IIS application
 Open **IIS Manager** and navigate to:
 ```text
 Sites
 → Default Web Site
 ```
 Right click **Default Web Site** and select **Add Application**.
 Use the following values:
 **Alias**
 ```text
 reset-password
 ```
 **Physical Path**
 ```text
 C:\inetpub\wwwroot\reset-password
 ```
 **Application Pool**
 ```text
 DefaultAppPool
 ```
 Click **OK**.
 ### 6. Restart IIS
 ```cmd
 iisreset
 ```
 ## Local Test
 Open one of the following URLs in your browser:
 ```text
 http://SERVER/reset-password
 ```
 or
 ```text
 http://SERVER/reset-password/aexp4b.asp
 ```
 ## Reverse Proxy Example (Caddy)
 This example exposes the portal at:
 ```text
 https://password.example.com
 ```
 while internally running under:
 ```text
 /reset-password
 ```
 Example Caddy configuration:
 ```caddy
 password.example.com {
 	handle {
 		rewrite * /reset-password{uri}
 		reverse_proxy <ip-address>:80 {
 			header_up Host {host}
 			header_up X-Forwarded-Host {host}
 			header_up X-Forwarded-Proto https
 			header_up X-Forwarded-Port 443
 			header_up X-Forwarded-For {remote_host}
 		}
 	}
 }
 ```
 Users only access:
 ```text
 https://password.example.com
 ```
 ## Security Notes
 - Always place the portal behind **HTTPS**
 - Prefer a reverse proxy with **TLS termination**
 - Consider restricting access to **internal networks or VPN**
 - Do not expose the portal publicly without proper access controls
 ## Supported Windows Versions
 Tested with:
 - Windows Server 2012
 - Windows Server 2016
 - Windows Server 2019
 - Windows Server 2022
 ## Disclaimer
 This project restores functionality from deprecated IIS components originally shipped with **Windows Server 2003**.
 Use at your own risk.
 ## License
 Provided as-is for educational and administrative purposes.