ASP.Net Host

Preventing accidental password changes in CommunityServer

Almost every day we have a customer that can't login to their CommunityServer site and this is page will tell you how to correct the issue, and prevent it from happening again.
 
Scenario:
  A new CommunityServer installation has taken place and the site is functioning as it should. The user uses the "I forgot my password" link. After this, the user can no longer login. I doubt it even occurs to most folks that using the "I forgot my password" link has anything to do with the problem.
 
Why this happens:
 When CommunityServer is setup with the default setup, the option to send email is not configure, however the default behavior of the "I forgot my password" link is to change the password and email you the new password. The password does get changed, however the email never gets sent.
 
Solution - Option 1:
   Setup your mail server information right away to prevent emails not being able to go out. Please see http://aquesthosting.headtreez.com/doc/5f67fb22-62d6-4650-b213-79de62e97785 for instructions on setting the email settings.
 
Solution - Option 2:
  Set CommunityServer to send you and email with a link, which you must then follow to have the password changed. I like this option because, it prevents the password from getting changed unless you really want that to happen. Even if you do this option, it is still advisable to setup your email settings as suggested above.
 
   To get CS to send a link to you before changing the password:
  1. Login to your CS Adminstration pages.
  2. Go to Membership > New Registration Settings, then set Password Recovery to "Link" instead of "Reset".
 
What about fixing my password that was already changed?
   You need access your database to make these changes. If you don't know how to access your database using SQL Enterprise Manager or SQL Studio, and you are an Aquest Hosting customer, you can submit a Trouble Ticket explaining what you need and we'll do it for you.
   The 'admin' user name is stored as plain text in the database so you can change it manually. If it is another user, it may not be stored in plain text, in which case this won't work so you'll need to fix the email settings (as described above, and have the system send you the new password again).
 
   Resetting password manually:
  1. Connect to your database.
  2. Open the 'aspnet_Users' table, find the user and note the userID.
  3. Open the 'aspnet_Membership' table find the line with the matching userID, and type in the password in the password field.
 

0 Comments

We recommend Aquest Hosting for your ASP.Net 2.0 hosting, Community Server hosting, and DotNetNuke hosting.