This gadget provides a means for users to change their passwords. It overs some additional controls and features over the stock Change Password gadget that ships with NPS. With these rules it should be possible to cover just about every password policy out there.

Password Restriction Options:
- Minimum & Maximum length restrictions
- Minimum number of numeric character restrictions
- Minumum number of alpha character restrictions
- Minimum number of non-alphanumeric characters (symbol) restrictions
- Maximum number of character repeats
- Maximum number of sequential character repeats
- Characters not allowed
- Characters required
- Disallow all or portions of any value of the user object in the password (ie, 3 letters of user's givenName)
- Wordlist (dictionary) checking restrictions

Features:
- Case sensitive/converting password preservation (for advanced edirectory password mechanisims)
- Set remote LDAP server server password (in a different tree)
- Call a local executable with password change
- Email notification of password changes
- Email notification to admins of password change failures
- Automatically set ldap attributes on the user object at time of creation.

The remote LDAP set can be used to set the user's password in an alternative LDAP environment, such as another edirectory tree or stand-alone LDAP server. The only hitch is that the user's DN must be known to the gadget config. This typically could be done with DirXML or some other process by placing the user's remote LDAP DN in an attribute on the user object in the portal tree, and calling it with a portal macro.

This gadget has been as thoroughly tested as possible for security issues, but it offers no warranty or gaurentee of any kind. Use it at your own risk.

For information on how to set the configuration options, click "Descriptions" when configuring the gadget.