If you are the "administrator" or someone with a similar role and you want to reset your users password, here is what I do:
Create a custom Action accessible to administrators only
Create a business role with following code:
MembershipUser user = Membership.GetUser(username);
if (user != null)
{
string pw = "p@ssword123";
user.ChangePassword(user.ResetPassword(), pw);
Membership.UpdateUser(user);
Result.ExecuteOnClient("alert('Password for the user "+ username +" successfully reset')");
}
else
{
Result.ExecuteOnClient("alert('User does not exist for the employee "+ name +"')");
}
Hope this will help someone out there
-
Azad
Above you say "Create a business role with following code: "
I'm not sure that I understand or know how to create a business role, can you please explain this step further
Thanks -
-
Oh! sorry. I meant business rule And I think you know how to create a business rule. Just right click on the controller on which you have added the custom action and select New Business Rule
-
-
Azad, the default configuration of membership provider requires method ResetPassword to be called with password answer, which is known only to the user.
Administrator has no way of knowing the answer.
The correct way of resetting the standard "admin" account in an app created with Code ON Time shall look as follows:
admin.ChangePassword(admin.ResetPassword("Code OnTime"), "p@ssword123");
Note the parameter of ResetPassword in the sample. Phrase "Code OnTime" is the answer to the password recovery question of the account.
The only way to make your code work is to reduce the security and disable a requirement for Password Answer to be validated when various membership API are invoked. This can be done by changing the web.config settings.
We would not recommend that unless you absolutely want to have a user (admin) who can impersonate any user at will.-
Could you please give me the modification in web.config to disable a requirement for password answer.
-
-
-
-
-
Thank you for the advice. But for the architecture of my application the code above is what I use.
-