Log users of changes? Audit

Does SCCM have this capability to log all changes with usernames (auditing) ? I had an odd occurrence last night where machines without a local DP got the client installed to them & started pulling updates off our default. No one stepped up to saying
it was them, and the client is manually pushed out, and not automatically done with discover. Thanks!

Hi,
Check out the Status message queries most changes not all genereate a status message that can be queried from the console under Monitoring, System Status, Status Message Queries.
Regards,
Jörgen
-- My System Center blog ccmexec.com -- Twitter
@ccmexec
Thanks I'll take a look and see if it comes up with anything useful.

Similar Messages

  • Using alter user to change oracle password for logged in web user on XE

    Hi All
    I'm building an app using the pl/sql web toolkit on XE (installed on Win XP Pro SP2). (I'm not using the APEX front-end).
    I'm using basic authentication and oracle database user accounts, and when a user registers for the first time I create them an oracle user account with dynamic sql, followed by some initial setup stuff, and they then log in with it.
    All fine so far.
    However I want to allow the user to change their oracle password as part of maintaining their user details. I've done this in the past using the web toolkit and Oracle 9i and it has worked fine using dynamic sql.
    Unfortunately I can't get the same thing to work in XE.
    For example, if I create the following procedure in the schema aligned to the DAD which holds my application and then run it from a browser (IE or Firefox) then the
    Browser and the db just hangs - not even an error message:
    CREATE OR REPLACE PROCEDURE ut
    AS
    v_stmt varchar2(300);
    BEGIN
    HTP.htmlOpen;
    HTP.headOpen;
    HTP.title ('User Test');
    HTP.headClose;
    HTP.bodyOpen;
    v_stmt := 'alter user "'||user||'" identified by "BERT"';
    htp.print(v_stmt);
    EXECUTE IMMEDIATE v_stmt;
    htp.print('Done');
    HTP.bodyClose;
    HTP.htmlClose;
    END;
    If I run the same statement in SQL*plus it's fine, and if I run the same proc for a different user then it's fine too.
    I'm sure it's something to do with trying to change the credentials of the currently logged in user, but I would at least have expected an error message.
    I'd be grateful for any ideas.
    Thanks
    Steve

    Hi g.myers
    Thanks for your response.
    Sorry, yes, bad turn of phrase there. It's not the entire db that hangs. The web browser (either IE or FF) hangs, and if I look at v$session at this point, I can see that the user STATUS=ACTIVE and the STATE=WAITING.
    I should also point out that I am using standard Oracle users as users of the application, (e.g. create a new user account called TESTER1). These users are then granted the appropriate privileges on the owning schema in order to run the app, access the tables etc.
    Therefore it is the user account (e.g. TESTER1) that is running the password change procedure that is owned by the SYS schema. (However again, this is the exact code and method that I've used in the past and it has worked fine).
    If I leave the browser hanging long enough, it will eventually return with the following error:
    Proxy Error
    The proxy server received an invalid response from an upstream server.
    The proxy server could not handle the request POST /h/hopapp.pwdmaint_do.
    Reason: Error reading from remote server
    cheers
    Steve

  • Need log of the users who changed the partner profiles.

    Hi,
    Some user has been changed partner profiles of the CUA configuration Setup.
    It is displaying only Agent Name. They delete the Inbound and outbound parameters of the partner profiles created by CUA. So, I need to trace out the user who changed these parameters.
    It will be appreciate if anybody can help in this issue.
    Thanks,
    Shiva.

    I resolved this issue by deleting the partner profiles created by CUA in all child clients. And delete the Distribution model in all child clients and re-distribute the distribution model from Master client.
    Now its working fine.
    But I am not able to trace out the user who changed partner profiles. I checked in ST03N but i didnt get the information abt the we20. ( I am using ECC 6.0 version).
    And in WE20 it is not showing any User ID who changed the partner profiles. I checked in following tables but I didnt find any changed details of partner profiles.
    EDIPHO
    EDMSG
    EDP12
    EDP13
    EDP21
    EDPP1
    T002T
    T005T
    Regards,
    shiva.

  • Registration of user password change in Oracle Identity Manager 9.1.0.2

    Where I can find record in Oracle Identity Manager 9.1.0.2, if a user password change.
    There any log, report, etc ...?
    thank you very much

    Check this: Re: Audit when change password fails
    -Bikash

  • How to find the User who changed the connection settings

    Hi Gurus,
    I am basically a BW guy but i am looking at your precious Guidance in this issue.
    We have a situation in our BW production system. The job loads are working fine till now but seems like someone has meddled with RFC connection with R/3 prod.
    The connection between R/3 and BW is broken. I would like to know if there is any way to find the User or some Log to find who might have medelled with the RFC's .
    Help is greatly appreciated.
    Regards
    satish M

    Hello Satish,
    Which release are you on?
    Option 1: Take a look in SM59 selecting the destination and there is a "last changed" information displayed.
    Option 2: the table for these connections are often not logged for table change logging, but if they are... then try transaction SCU3 on the backend tables (table RFCDES is a good start).
    (search for rec/client and recclient etc as search terms).
    Option 3: Why would someone change a connection? Try to analyze what happened during the time period after the change, or even immediately before the change (audit logs, system events, server statistics etc). A simple check would be via SM20 to see who started SM59 immediately prior to this. A more complex check would be analyzing the RFC profiles in ST03N.
    Option 4: On the R/3 side, you might be able to find the same auditable information as well (perhaps even the IP address of the caller?) Tip: The person might have created a dump... => transaction ST22.
    Option 5: There are some other additional logging, tracing and control possibilities at a deeper technical level, if used or active at that point in time.
    Cheers,
    Julius

  • How to monitor user password changes for users in a database.

    hi All,
    can someone please help me.
    I need to audit the user password changes in a database. Ive check the auditing but audit " alter user " doesnt audit the changes in password and ive also checked the select * from sys.user_history$; view but didnt find anything useful. So is there a way to trace who changed the password and when ?
    Thanks for the help.

    You need something along the lines of http://www.morganslibrary.org/reference/ddl_trigger.html
    or you need to disallow ALTER USER to everyone and write your own PL/SQL and instrument logging the changes.
    Sybrand Bakker
    Senior Oracle DBA

  • RSOP: Interactive logon: Prompt user to change password before expiration

    Hi,
    I am trying to implement a GPO so that users are prompted to change their password 5 days before it expires. I have done this via -
    Computer Configuration > Windows Settings > Security Settings > Local Policies > Security Options > Enabled
    Interactive Logon: Prompt user to change password before expiration
    Despite doing the above the GPO does not seem to be taking effect. I have run RSOP on my machine and a few users machines and can see that there is a red circle with an X next to
    Interactive Logon: Prompt user to change password before expiration.
    Below is my winlogon.log file but I am not really sure what I am supposed to be looking for. Can anyone help?
    Make a local copy of \\**************.co.uk\sysvol\**************.co.uk\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\Machine\Microsoft\Windows NT\SecEdit\GptTmpl.inf.
    GPLinkSite GPO_INFO_FLAG_BACKGROUND )
    Make a local copy of \\**************.co.uk\sysvol\**************.co.uk\Policies\{91EDC47D-AACF-4DFE-B044-5D29500CECBE}\Machine\Microsoft\Windows NT\SecEdit\GptTmpl.inf.
    GPLinkDomain GPO_INFO_FLAG_BACKGROUND )
    Make a local copy of \\**************.co.uk\SysVol\**************.co.uk\Policies\{DDE2DDB7-9802-415B-819E-1ADA496DC3E6}\Machine\Microsoft\Windows NT\SecEdit\GptTmpl.inf.
    GPLinkDomain GPO_INFO_FLAG_BACKGROUND )
    Make a local copy of \\**************.co.uk\sysvol\**************.co.uk\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\Machine\Microsoft\Windows NT\SecEdit\GptTmpl.inf.
    GPLinkDomain GPO_INFO_FLAG_BACKGROUND )
    Make a local copy of \\**************.co.uk\SysVol\**************.co.uk\Policies\{6422C1A4-D958-4F4B-A8AA-EBACC567BD19}\Machine\Microsoft\Windows NT\SecEdit\GptTmpl.inf.
    GPLinkOrganizationUnit GPO_INFO_FLAG_BACKGROUND )
    No template is defined in GPO \\**************.co.uk\SysVol\**************.co.uk\Policies\{43F654AA-56D5-4F2C-B357-1AFEE03D37F2}\Machine.
    Process GP template gpt00000.inf.
    This is not the last GPO.
    08 March 2015 23:06:35
    Copy undo values to the merged policy.
    ----Un-initialize configuration engine...
    Process GP template gpt00001.dom.
    This is not the last GPO.
    08 March 2015 23:06:36
    ----Un-initialize configuration engine...
    Process GP template gpt00002.dom.
    This is not the last GPO.
    08 March 2015 23:06:36
    ----Un-initialize configuration engine...
    Process GP template gpt00003.dom.
    This is not the last GPO.
    08 March 2015 23:06:36
    ----Un-initialize configuration engine...
    Process GP template gpt00004.inf.
    08 March 2015 23:06:36
    ----Configuration engine was initialized successfully.----
    ----Reading Configuration Template info...
    ----Configure User Rights...
    Configure S-1-5-32-544.
    Configure S-1-5-21-778002760-1239436532-1307212239-1002.
    Configure S-1-5-21-778002760-1239436532-1307212239-1016.
    Configure S-1-5-21-778002760-1239436532-1307212239-4078.
    Configure S-1-5-21-778002760-1239436532-1307212239-512.
    Configure S-1-5-21-778002760-1239436532-1307212239-500.
    Configure S-1-5-21-778002760-1239436532-1307212239-513.
    User Rights configuration was completed successfully.
    ----Configure Group Membership...
    Configure **************\Local Admins for Users.
    old memberof tattoo list: *S-1-5-32-555,*S-1-5-32-544,
    object already member of Administrators.
    object already member of Remote Desktop Users.
    new memberof tattoo list: *S-1-5-32-555,*S-1-5-32-544,
    Group Membership configuration was completed successfully.
    ----Configure Security Policy...
    Configure password information.
    Configure account force logoff information.
    System Access configuration was completed successfully.
    Configure machine\software\microsoft\windows nt\currentversion\winlogon\passwordexpirywarning.
    Configure machine\software\microsoft\windows\currentversion\policies\system\enableinstallerdetection.
    Configuration of Registry Values was completed successfully.
    Audit/Log configuration was completed successfully.
    ----Configure available attachment engines...
    Configuration of attachment engines was completed successfully.
    ----Un-initialize configuration engine...
    this is the last GPO.
    Make a local copy of \\**************.co.uk\sysvol\**************.co.uk\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\Machine\Microsoft\Windows NT\SecEdit\GptTmpl.inf.
    GPLinkSite GPO_INFO_FLAG_BACKGROUND )
    Make a local copy of \\**************.co.uk\sysvol\**************.co.uk\Policies\{91EDC47D-AACF-4DFE-B044-5D29500CECBE}\Machine\Microsoft\Windows NT\SecEdit\GptTmpl.inf.
    GPLinkDomain GPO_INFO_FLAG_BACKGROUND )
    Make a local copy of \\**************.co.uk\SysVol\**************.co.uk\Policies\{DDE2DDB7-9802-415B-819E-1ADA496DC3E6}\Machine\Microsoft\Windows NT\SecEdit\GptTmpl.inf.
    GPLinkDomain GPO_INFO_FLAG_BACKGROUND )
    Make a local copy of \\**************.co.uk\sysvol\**************.co.uk\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\Machine\Microsoft\Windows NT\SecEdit\GptTmpl.inf.
    GPLinkDomain GPO_INFO_FLAG_BACKGROUND )
    Make a local copy of \\**************.co.uk\SysVol\**************.co.uk\Policies\{6422C1A4-D958-4F4B-A8AA-EBACC567BD19}\Machine\Microsoft\Windows NT\SecEdit\GptTmpl.inf.
    GPLinkOrganizationUnit GPO_INFO_FLAG_BACKGROUND )
    No template is defined in GPO \\**************.co.uk\SysVol\**************.co.uk\Policies\{43F654AA-56D5-4F2C-B357-1AFEE03D37F2}\Machine.
    Process GP template gpt00000.inf.
    This is not the last GPO.
    09 March 2015 16:26:51
    Copy undo values to the merged policy.
    ----Un-initialize configuration engine...
    Process GP template gpt00001.dom.
    This is not the last GPO.
    09 March 2015 16:26:51
    ----Un-initialize configuration engine...
    Process GP template gpt00002.dom.
    This is not the last GPO.
    09 March 2015 16:26:51
    ----Un-initialize configuration engine...
    Process GP template gpt00003.dom.
    This is not the last GPO.
    09 March 2015 16:26:51
    ----Un-initialize configuration engine...
    Process GP template gpt00004.inf.
    09 March 2015 16:26:51
    ----Configuration engine was initialized successfully.----
    ----Reading Configuration Template info...
    ----Configure User Rights...
    Configure S-1-5-32-544.
    Configure S-1-5-21-778002760-1239436532-1307212239-1002.
    Configure S-1-5-21-778002760-1239436532-1307212239-1016.
    Configure S-1-5-21-778002760-1239436532-1307212239-4078.
    Configure S-1-5-21-778002760-1239436532-1307212239-512.
    Configure S-1-5-21-778002760-1239436532-1307212239-500.
    Configure S-1-5-21-778002760-1239436532-1307212239-513.
    User Rights configuration was completed successfully.
    ----Configure Group Membership...
    Configure **************\Local Admins for Users.
    old memberof tattoo list: *S-1-5-32-555,*S-1-5-32-544,
    object already member of Administrators.
    object already member of Remote Desktop Users.
    new memberof tattoo list: *S-1-5-32-555,*S-1-5-32-544,
    Group Membership configuration was completed successfully.
    ----Configure Security Policy...
    Configure password information.
    Configure account force logoff information.
    System Access configuration was completed successfully.
    Configure machine\software\microsoft\windows nt\currentversion\winlogon\passwordexpirywarning.
    Configure machine\software\microsoft\windows\currentversion\policies\system\enableinstallerdetection.
    Configuration of Registry Values was completed successfully.
    Audit/Log configuration was completed successfully.
    ----Configure available attachment engines...
    Configuration of attachment engines was completed successfully.
    ----Un-initialize configuration engine...
    this is the last GPO.
    Jeet S

    ******UPDATE******
    I think I have managed to get this working. I changed the source of the policy to a different GPO. I then did the following -
    From a command prompt run gpupdate (without the force parameter)
    Ran rsop.msc and checked the policy and this time there was no red circle with an X
    Have done the same on a few users machines and it appears to apply successfully. I say this because when you go into the properties for the policy you see the following -
    The policy XYZ was correctly applied
    Just have to wait and see if it actually does what it says on the can.
    Jeet S

  • Production order changes - Audit trail

    Hi Experts;
    Could any body guide me to find the history of changes done to the production order (Audit trail). My requirement is to find the user who change the routing master data in a production order.
    Thanks & Regards;
    Malka

    Hello
    This question has been already asked several times on this space. Take a look on my answer on the following thread, for example:
    Changes in the production order - log
    Also, OCM is a different functionality with a different purpose and it's not relevant in this case. See my answer on the link below for more details.
    Production Order - OCM
    At last, as explained on the The SCN Rules of Engagement, please do a more detailed search before opening a thread with a question that has been already answered several times.
    BR
    Caetano

  • How to allow users to change password

    I have enabled users to change their passwords in the Server.app for the Default Site with SSL, and who can access is a group of individuals.
    When I load up the Server site, I am presented with
    a Login to which I then add my username and password and I am then presented with
    Welcome to OS X Server
    OS X Server makes it easier than ever for the people in your organization to collaborate, communicate, and share information.
    I Choose My Settings and the site is redirected to /changepassword of which a page comes
    Forbidden
    You don't have permission to access /auth/ on this server.
    The Directory /Library/Server/Web/Data/Sites/Default/auth/ exists with the corret permissions.  This is an empty directoy tho
    Apache Logs:
    Directory index forbidden by Options directive: /Library/Server/Web/Data/Sites/Default/auth/
    I cannot get this to work.  WIki's are turned on but that doesnt work either. 
    If I Launch /wiki, I am prompted to login, to with I do, and i just get a blank web page
    Apache logs:
    File does not exist: /Library/Server/Web/Data/Sites/Default/__collabd
    This is on a new install of OSX server
    Any Suggestions?

    Hi,
    On the landing page at the bottom it should say "change password".
    That brings you to a forbidden page?
    On my server I do not have the /auth/ folder in my default site, but my changepassword page does work.
    Can you check if going to https://127.0.0.1/changepassword does work? It will give an SSL error.
    Then it might be DNS related conflicting with another router/server in your network
    Or... charge $ 5 per user to change his or her password personally
    Goodluck!
    Jeffrey
    StarPine Support

  • JBO-25014: Another user has changed the row with primary key oracle.jbo.Key

    Hi,
    I am developing a Fusion Web Application using Jdeveloper 11.1.2.1.0. I have a home.jspx page that has a ADF table built on efttBilling View Object. . When you click on one of the rows in the table, it will take you to detail.jspx where you can edit the row and save. When 'save' is clicked, stored procedures are executed to update/insert rows into few tables , and then go back to home.jspx where you need to see updated content for that row.
    To get down to the exact issue, updates are made to the tables on which the efttBilling View Object is built using a stored procedure. Once this is done, I am trying to requery view object to see new content. But I keep getting JBO-25014: Another user has changed the row with primary key oracle.jbo.Key error. Following are the approaches I followed to query new results:
    a. Executed Application Modules Commit Method. Created 'Commit' Action binding and tied it to homePageDef.xml. Called this binding from a view scope bean.
        BindingContainer bindings = BindingContext.getCurrent().getCurrentBindingsEntry();
         OperationBinding operationBinding = bindings.getOperationBinding("Commit");
        Object result = operationBinding.execute();
       if (!operationBinding.getErrors().isEmpty())
        return null;
    b. Marked 'Refresh on Insert' , 'Refresh on Update', 'Change Indicator' checkboxes for all the attributes in the entities associated with efttBilling View Object.
    c. Tried to Requery View Object. Created a refreshViewObject method in Application Module Impl.java file, exposed this method to the client interface and created a invokeMethod Action binding in home.jspx
    Code in Application Module:
      public void refresheftTransactionsforBillingAccountViewObj1View()
        System.out.println("In eftTransactionsforBillingAccountViewObj1");
      findViewObject("eftTransactionsforBillingAccountViewObj1").executeQuery();
    Code in view scope bean
            DCBindingContainer bindings =
           (DCBindingContainer)BindingContext.getCurrent().getCurrentBindingsEntry();
            OperationBinding operation =
            bindings.getOperationBinding("refresheftTransactionsforBillingAccountViewObj1View");
            operation.execute();
    I have searched web, ADF forums and tried methods suggested in there but no sucess.
    Could anyone please provide some insight in this issue. I have been battling with this since quite some time. I can provide you with the log file too.
    Thanks!
    Shai.

    What code does your Commit method have .. can you try using the Commit executable from the AM itself instead ?
    Also -
    Shai wrote:
    'Change Indicator' checkboxes for all the attributes in the entities associated with efttBilling View Object.
    which all attributes you set this property for . it should just be for History columns as such.
    Did you also check if this could be your scenario ?
    Decompiling ADF Binaries: Yet another reason for "JBO-25014: Another user has changed the row with primary key orac…
    OR
    JBO-25014: Another user has changed the row with primary key oracle.jbo.Key
    OR
    Another user has changed the row with primary key -Table changed externally
    Message was edited by: SudiptoDesmukh

  • How to restrict users cannot change their password

    Hi all,
    If i logon to E-Business Suite home page, click on the preferences icon on the right hand top corner of the home page, i have an option to change my password.
    How will i diable or restrict this such that no users can change their passwords after first time creation.
    Regards,
    Prasad

    hi prashant,
    i could do this by logging in as sysadmin, personalizing that particular page (preferences) and setting it for only site and org. it is effected for all the users
    Thanks for reply
    Prasad

  • ISE 1.2 Guest portal user cannot change their passwords

    I have a WLC 5508(version 7.6) and a server installed  the ISE (version 1.2.1.198),Now we configured the CWA,Use guest portal as an employee and guest login url,We can use the manually create internal user and password successfully logged in, and we set up allow guest users to change password in Multi-Portal, but the user can not change the password in the guest portal ,I suspect the change password option on the Guest  Portal actually works? Can anyone tell me how to change their own username password in the guest portal ?

    Requiring Guests to Change Password
    You can allow or require guest users to change their password after their initial account credentials are created by the sponsor. If guest users change their passwords, sponsors cannot provide guests with their login credentials if they are lost. The sponsor must create a new guest account.
    You can either allow guests to change their passwords, or you can require that they do it at expiration and at first login. To require internal users using a guest portal to change their password upon their next login, choose Administration > Identity Management > Identities > Users . Select the specific internal user from the Network Access Users list and enable the change password check box.
    Before You Begin
    Create a Guest portal or modify the DefaultGuestPortal. This setting is specific to each Guest portal.
    Step 1 Choose Administration > Web Portal Management > Settings > Guest > Multi-Portal Configuration.
    Step 2 Check the Guest portal to update and click Edit .
    Step 3 Click the Operations tab.
    Step 4 Check either or both options:
    Allow guest users to change password
    Require guest users to change password at expiration and first login
    Step 5 Click Save .

  • User Status change problem in Process Order

    Hi,
    We are in process of upgrading our system from 4.6C to ECC 6.0. I have a problem with User status change for process Orders.
    In 4.6C we are using the profile x with settings:
    10     ZNEW     Created process order     10     90     1     1     ZSTA
    20     ZLCK     Locked process order     20     90     1     1     ZREV
    30     ZOPN     Reopened process order     20     90     1     1     ZOPN
    40     ZMST     MES order started     20     90     1     1     ZMST
    50     ZMCL     MES order closed     20     90     1     1     ZMCL
    90     ZTEC     Technically completed      20     90     1     1     ZTEC
    In ECC 6.0 we also use the same profile settings as above.
    The problem is in ECC 6.0 when I do a goods receipt the User status changes to ZTEC . The process followed is ..Create process order, Release Order, Goods issue, Phase partuial confirmations, Goods receipt and then Finla confirmations of phases. Now in 4.6C if i do the above process the User status remains at ZMST and it only changes to ZTEC when i technically complete the order but in ECC 6.0 when I do a goods recipt from above steps the User status changes to ZTEC. THis should not happen.
    Any pointers will be very helpful.

    Hi,
    The log for production order preliminiary costing is not saved. Therefore, once the order is saved, there is no log available anymore (this is by the way a question of PP; none of the logs is saved).
    Hope that helps...
    Regards,
    Declan

  • TMG 2010 publishing Exchange 2010 OWA cannot change password if user must change password at first logon is set

    Hi,
     I have an odd issue whereby if I set "user must change password" on an AD account, the end user cannot logon, they're simply taken back to the OWA login page as if their password is incorrect.
    My setup is as follows:
    outer TMG -- uses a listener for email.contoso.com and is configured for no authentication.This uses a publishing rule to publish the inner TMG server. This server is not a domain member.
    inner TMG - uses a listener for email.contoso.com and is configured for NLTM\kerberos negotiation with forms authentication (Windows Active Directory). This server is a domain member and use a publishing rule to publish the internal CAS. Allow users to change
    password is selected in the publishing rules.
    Exchange 2010 SP1 - uses integrated windows and basic authentication. Has the appropriate registry key configured to allow users to change their AD password on first logon.
    I've registered an snp for "http/email.contoso.com mailserver-dc1", all SSL certificates being used are valid and my configuration used to allow users to login and change their password with "user must change password on first login"
    set in AD.
    If I launch a web browser on an internal server and point it to email.contoso.com I'm immediately presented with a generic Windows authentication request (similar to what's seen in ADFS) rather than the standard OWA page. No matter what I do, I cannot login
    and change my password using the correct URL. However if I point my browser at
    http://192.168.4.10/owa I'm prompted to login and I can change my password using the sam credentials.
    The only recent changes made are:
    - Disabling SSL 3.0 and enabling TLS  (http://www.isaserver.org/articles-tutorials/configuration-security/improving-ssl-security-forefront-threat-management-gateway-tmg-2010-published-web-sites.html)
    - Replacing the TMG listener certificates so that they now use SHA2 rather than SHA2 (certificates are trusted on each TMG server)
    Looking on the outer TMG and the DC logs I can see schannel errors which I believe are related to the problem. TMG monitoring also shows "Failed connection attempt: 1907 The user'spassword must be changed before logging on for the first time"
    I've checked that my inner TMG and DC are using the same certificate for server authentication and gone through this guide:
    http://blogs.technet.com/b/keithab/archive/2012/02/29/setting-up-and-troubleshooting-ldaps-authentication-in-forefront-tmg-2010.aspx
    If I try to use ldp.exe on the inner TMG, I get the error in the pic below
    Thanks
    IT Support/Everything

    Hi,
    You could try to analyze the TMG tracing and try the troubleshoot steps in the blog below.
    TMG 2010 – FBA, troubleshooting the change password feature 
    http://blogs.technet.com/b/isablog/archive/2012/05/07/tmg-2010-fba-troubleshooting-the-change-password-feature.aspx
    Best Regards,
    Joyce

  • User's changing their own password

    Is it possible to allow user to change their own password when logged onto a portal applicastion I have written ?

    Presumably, the application you say you have written, is a Login Server partner application. So changing the user's password means changing it on the login server.
    The URL that you need to go to, to do this, is something like: http://server.domain.com/pls/portal30_sso/portal30_sso.wwsso_app_user_mgr.change_password?p_done_url=xxxxx
    Where xxxxx is the URL where you want control to go after the user submits their new password.
    null

Maybe you are looking for