Password Recovery2017-06-10 16:18:02
I know, I know. It’s been a while since the last thrilling update. But we have not been sitting idle. A lot of big items are now working correctly and I wanted to give you the quick bullet list:
- Email Notification
- Recipients now include: The user’s object email address, the object’s manager and a list of SMTP addresses defined in the Profiler config.
- Almost all the development time went into perfecting this new strategy. In a nutshell, all interface screens (including email notification messages) are stored as text files which contain HTML and some macro statements for Profiler to hook into. For more information on the library we used, have a look at HTML::Template . Using Templates, your web designer can do almost anything they wish with the interface (CSS, java script etc)!
- Object Creation
- Yes, it’s finally here. Almost any object can be created. Just write the template form and an initialization file and you are set to go.
- Little bits of neat functions that in sum greatly enhance the product: Automatic DC discovery using DNS, Automatic schema discovery (including custom schemas), Paged search results (with new options), Multi-Lingual interface.
So that covers what we have today. All-in-all an impressive (and ambitious) jump from the current version however there’s more. Right now we have embarked on user based password reset. We have gotten a lot of feedback on this and I think we have learned much. One of the features of the password recovery will be to store the answers to the security questionnaire in Active Directory.
Jackson Shaw of Quest software came up with a great thought in his blog (Read down to the second from the last). Yes, we didn’t even think about a user peeking in the directory, scribbling down the answers and resetting passwords at will.
I think we’ve come up with a rather cool solution: encrypt the answer. We are thinking about running the answers through a one way hash (like how passwords are stored) or just encrypt it with 3des. Yes, we realize that these are not absolute: in theory anyone with a big (think room sized) computer could eventually crack any kind of encryption, but we are not thinking that your average user will be attempting such a grand feat.
Stay tuned for more development excitement!