CN110445754B - Windows domain account processing method, server and computer readable storage medium - Google Patents

Windows domain account processing method, server and computer readable storage medium Download PDF

Info

Publication number
CN110445754B
CN110445754B CN201910593822.8A CN201910593822A CN110445754B CN 110445754 B CN110445754 B CN 110445754B CN 201910593822 A CN201910593822 A CN 201910593822A CN 110445754 B CN110445754 B CN 110445754B
Authority
CN
China
Prior art keywords
user
password
account
unlocking
modification
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910593822.8A
Other languages
Chinese (zh)
Other versions
CN110445754A (en
Inventor
刘耀锋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ping An Technology Shenzhen Co Ltd
Original Assignee
Ping An Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ping An Technology Shenzhen Co Ltd filed Critical Ping An Technology Shenzhen Co Ltd
Priority to CN201910593822.8A priority Critical patent/CN110445754B/en
Publication of CN110445754A publication Critical patent/CN110445754A/en
Application granted granted Critical
Publication of CN110445754B publication Critical patent/CN110445754B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention relates to an information security technology, and discloses a Windows domain account processing method, which comprises the following steps: setting an unlocking mode and a password modifying mode of the Windows domain account; receiving an account unlocking request of a user; prompting a user to input unlocking data according to the set unlocking mode; receiving unlocking data and verifying whether the unlocking is successful; after successful unlocking, a prompt of successful unlocking is fed back to the user; receiving a password modifying request of a user; prompting a user to input modification data according to the set modification password mode; receiving modification data and verifying whether the modification is successful; and when the modification is successful, setting the account password as a new password and feeding back a prompt of the successful modification to the user. The invention also provides a server and a computer readable storage medium. The Windows domain account processing method, the server and the computer readable storage medium provided by the invention can provide flexible and various account unlocking and password modification modes for Windows domain accounts, are convenient for users to use, and improve user experience.

Description

Windows domain account processing method, server and computer readable storage medium
Technical Field
The present invention relates to the field of information security technologies, and in particular, to a method for processing a Windows domain account, a server, and a computer readable storage medium.
Background
Domain (Domain) is a unit of independent operation in Windows networks and is a security boundary. The mutual access between domains requires a trust relationship to be established. A trust relationship is a bridge that connects from domain to domain. Domain administrators can only manage the interiors of domains, each domain having its own security policies and its trust relationships with other domains. When one domain and other domains establish trust relationship, the two domains can not only manage each other as required, but also distribute equipment resources such as files, printers and the like across networks, so that sharing and management of network resources, mutual communication and data transmission are realized among different domains.
If the number of computers and users in the enterprise network is large, windows domain is required to achieve efficient management. In the "domain" mode, at least one server is responsible for authentication of each computer and user that is connected to the network, called a domain controller (Domain Controller, DC). The domain controller includes a database composed of information such as an account number and a password of the domain, and a computer belonging to the domain. When a computer joins the network, the domain controller first verifies whether the computer belongs to the domain, whether the login account used by the user exists, whether the password is correct, and the like. After the verification is passed, the user can log in the domain from the computer to access the resources with the rights protected therein.
Aiming at management of Windows domain accounts, the product on the market at present mainly has the following defects: 1. the system is extremely complex to use and inconvenient for users to operate; 2. the account unlocking mode is inflexible, and the common account is mainly forbidden or enabled by an administrator; 3. the password modification mode has single path, a user can modify a new password only by inputting an original password, and if abnormal conditions such as forgetting the password occur, an administrator must reset the password; 4. the mail notification sending time only supports daily, weekly and appointed dates, the flexibility is not enough, and the mail content does not support style editing. Due to the defects, a great deal of inconvenience is brought to the user to use the account, and the user experience is seriously affected.
Disclosure of Invention
In view of the above, the present invention provides a method, a server and a computer-readable storage medium for processing Windows domain accounts, so as to solve at least one of the above-mentioned problems.
Firstly, in order to achieve the above objective, the present invention provides a method for processing Windows domain account, which includes the steps of:
setting an unlocking mode and a password modifying mode of the Windows domain account;
receiving an account unlocking request of a user;
prompting a user to input unlocking data according to the set unlocking mode;
Receiving unlocking data and verifying whether the unlocking is successful;
after successful unlocking, a prompt of successful unlocking is fed back to the user;
receiving a password modifying request of a user;
prompting a user to input modification data according to the set modification password mode;
receiving modification data and verifying whether the modification is successful; a kind of electronic device with high-pressure air-conditioning system
And when the modification is successful, setting the account password as a new password and feeding back a prompt of the successful modification to the user.
Optionally, the method further comprises the steps of:
setting the sending time of mail notification for an account of which the password is about to expire and has expired, wherein the sending time is set to be any time within M days before the expiration period of the password for the mail notification of the account of which the password is about to expire; the mail notification of the account with the expired password is sent at any time within N days exceeding the expiration period of the password, wherein M and N are positive integers;
and sending the mail notification according to the set sending time and the preset mail template.
Optionally, the method further comprises the steps of:
when a user requests to modify the style of the mail notification, a template file is acquired for editing by the user;
receiving the modification of the template content by the user;
and updating the corresponding template file according to the modification of the user.
Optionally, the unlocking mode includes: and unlocking through a mail dynamic verification code, unlocking through 6 digits after the identification card number is input or unlocking through the employee number, and unlocking through inputting an answer to the security question.
Optionally, the modifying the cryptographic manner includes: the dynamic verification code modification, the original password modification of the input account number and the answer modification of the secret and secure questions are input through the mail.
Optionally, the setting of the sending time of the mail notification and the modification of the style of the mail notification include uniformly setting all accounts of the Windows domain according to the input of an administrator, or customizing setting a single account corresponding to the user according to the input of a common user.
Optionally, in the step of setting the transmission time of the mail notification for the account for which the password is about to expire and has expired, setting of an arbitrary time is achieved by converting the set mail notification transmission time rule into a cron expression.
Optionally, when the user requests to modify the style of the mail notification, the step of obtaining the template file for editing by the user and receiving the modification of the template content by the user includes:
when the user requests to modify the style of the mail notification, the template file is obtained from the site configuration root directory on the server and provided for the user to edit;
Receiving the editing content of the template file by a user;
displaying the real-time mail content effect to the user through the browser;
and receiving real-time modification of the mail content by the user.
In addition, in order to achieve the above objective, the present invention further provides a server, which includes a memory and a processor, wherein the memory stores a Windows domain account processing system that can run on the processor, and the Windows domain account processing system implements the steps of the Windows domain account processing method when executed by the processor.
Further, to achieve the above object, the present invention also provides a computer readable storage medium storing a Windows domain account processing system, where the Windows domain account processing system may be executed by at least one processor, so that the at least one processor performs the steps of the Windows domain account processing method as described above.
Compared with the prior art, the Windows domain account processing method, the server and the computer readable storage medium can provide flexible and various account unlocking and password modification modes for Windows domain accounts, such as AD domain accounts, so that the method, the server and the computer readable storage medium are convenient for users to use and improve user experience. The mail template can be edited at will according to the mail notice of the expired account reminder and the upcoming expired account reminder, the configured style content is checked in real time through the browser, and the style content is changed in real time according to the requirement. The mail sending time can be set, and the mail sending time adopts the cron expression, so that any time rule is supported, and the method is flexible and convenient.
Drawings
FIG. 1 is a schematic diagram of an alternative hardware architecture of a server according to the present invention;
FIG. 2 is a schematic diagram of a program module of a first embodiment of a Windows domain account processing system according to the present invention;
FIG. 3 is a schematic diagram of a program module of a second embodiment of a Windows domain account processing system according to the present invention;
FIG. 4 is a schematic diagram of a program module of a third embodiment of a Windows domain account processing system according to the present invention;
FIG. 5 is a flowchart illustrating a first embodiment of a Windows domain account processing method according to the present invention;
FIG. 6 is a flowchart illustrating a second embodiment of a Windows domain account processing method according to the present invention;
FIG. 7 is a flowchart illustrating a third embodiment of a Windows domain account processing method according to the present invention;
the achievement of the objects, functional features and advantages of the present invention will be further described with reference to the accompanying drawings, in conjunction with the embodiments.
Detailed Description
The present invention will be described in further detail with reference to the drawings and examples, in order to make the objects, technical solutions and advantages of the present invention more apparent. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
It should be noted that the description of "first", "second", etc. in this disclosure is for descriptive purposes only and is not to be construed as indicating or implying a relative importance or implying an indication of the number of technical features being indicated. Thus, a feature defining "a first" or "a second" may explicitly or implicitly include at least one such feature. In addition, the technical solutions of the embodiments may be combined with each other, but it is necessary to base that the technical solutions can be realized by those skilled in the art, and when the technical solutions are contradictory or cannot be realized, the combination of the technical solutions should be considered to be absent and not within the scope of protection claimed in the present invention.
Referring to fig. 1, a schematic diagram of an alternative hardware architecture of a server 2 according to the present invention is shown.
In this embodiment, the server 2 may include, but is not limited to, a memory 11, a processor 12, and a network interface 13, which may be communicatively connected to each other through a system bus. It should be noted that fig. 1 only shows a server 2 having components 11-13, but it should be understood that not all of the illustrated components are required to be implemented, and that more or fewer components may be implemented instead.
The server 2 may be a rack server, a blade server, a tower server, or a cabinet server, and the server 2 may be an independent server or a server cluster formed by a plurality of servers.
The memory 11 includes at least one type of readable storage medium including flash memory, hard disk, multimedia card, card memory (e.g., SD or DX memory, etc.), random Access Memory (RAM), static Random Access Memory (SRAM), read Only Memory (ROM), electrically Erasable Programmable Read Only Memory (EEPROM), programmable Read Only Memory (PROM), magnetic memory, magnetic disk, optical disk, etc. In some embodiments, the storage 11 may be an internal storage unit of the server 2, such as a hard disk or a memory of the server 2. In other embodiments, the memory 11 may also be an external storage device of the server 2, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card) or the like, which are provided on the server 2. Of course, the memory 11 may also comprise both an internal memory unit of the server 2 and an external memory device. In this embodiment, the memory 11 is generally used to store an operating system and various application software installed on the server 2, such as program codes of the Windows domain account processing system 200. Further, the memory 11 may be used to temporarily store various types of data that have been output or are to be output.
The processor 12 may be a central processing unit (Central Processing Unit, CPU), controller, microcontroller, microprocessor, or other data processing chip in some embodiments. The processor 12 is typically used to control the overall operation of the server 2. In this embodiment, the processor 12 is configured to execute the program code or process data stored in the memory 11, for example, execute the Windows domain account processing system 200.
The network interface 13 may comprise a wireless network interface or a wired network interface, which network interface 13 is typically used for establishing a communication connection between the server 2 and other electronic devices.
Notably, the server 2 can act as a domain controller for a Windows domain, centrally managing computers and accounts that join the domain.
So far, the hardware structure and function of the related device of the present invention have been described in detail. In the following, various embodiments of the present invention will be presented based on the above description.
First, the present invention proposes a Windows domain account processing system 200.
Referring to FIG. 2, a block diagram of a first embodiment of a Windows domain account number processing system 200 according to the present invention is shown.
In this embodiment, the Windows domain account processing system 200 includes a series of computer program instructions stored in the memory 11, which when executed by the processor 12, implement the Windows domain account processing operations of the embodiments of the present invention. In some embodiments, the Windows domain account processing system 200 can be divided into one or more modules based on the particular operations implemented by portions of the computer program instructions. For example, in fig. 2, the Windows domain account processing system 200 may be partitioned into a setup module 201, a receive module 202, a prompt module 203, a validation module 204, and a feedback module 205. Wherein:
The setting module 201 is configured to set an unlocking mode and a password modification mode.
Specifically, the embodiment supports three modes for unlocking the account, namely, dynamic verification codes are obtained through mails; secondly, other information of the account number is input, including 6 bits after the identification card number and employee numbers; thirdly, inputting an answer to the security question.
Meanwhile, the embodiment also supports three modes for password modification, namely, dynamic verification codes are verified through mails; secondly, inputting an original account number password; thirdly, inputting an answer to the security question.
According to the unlocking mode and the password mode, corresponding account information and password information are also required to be set and stored. For example, a mailbox corresponding to the account, a dynamic verification code generation rule, a 6-bit/employee number after the identification card number, a password requirement, an original password, a secret protection question, a corresponding answer and the like.
The receiving module 202 is configured to receive an account unlocking request of a user.
Specifically, when a user logs in a windows domain account, for example, searches after inputting AD (Active Directory) domain user name information, a required function, for example, account unlocking, may be selected. The system firstly verifies the AD domain user name input by the user, and can execute the function selected later after the verification is passed, and the user needs to input again after the verification fails.
The prompting module 203 is configured to prompt a user to input unlocking data according to the set unlocking mode.
Specifically, when the account unlocking function is selected by the user, a plurality of unlocking modes are provided for the user to select. If the dynamic verification code mode is selected, after a user clicks a mail verification code acquisition button, a verification code is dynamically generated according to preset rules, a mail with the verification code is sent to a mailbox corresponding to the account, the user logs in the mailbox to check the verification code sent by the system and then inputs the verification code, and the system judges whether the verification code input by the user is correct or not. If the mode of 'other information' is selected, the user is further prompted to select the information type (comprising 6 bits after the identification card number or employee number and the like), the selection of the user and the information input correspondingly are received, and then whether the information input by the user is correct or not is verified. If the 'use secret protection' mode is selected, the secret protection questions set before are acquired and displayed to the user, the secret protection question answers input by the user in the answer column are received, and whether the answers are correct or not is judged. In addition, when the security questions are provided in plural, the user may choose to switch the security questions, for example by clicking a "change one" button.
The verification module 204 is configured to receive the unlocking data and verify whether the unlocking is successful.
Specifically, after the user inputs unlocking data according to the selected unlocking mode, clicking an account unlocking button to unlock the account. And the system verifies whether the input unlocking data of the user are correct or not according to the pre-stored account information.
The feedback module 205 is configured to feedback a prompt for successful unlocking to the user after successful unlocking.
When unlocking data is input incorrectly, the system prompts related error information, and correct data is required to be continuously input to unlock the account. When the unlocking data is correctly input, the system prompts that the account unlocking is successful, and the account unlocking is successful. And after the unlocking is successful, the windows domain account main page can be accessed. After the unlocking is successful, if the user clicks the account unlocking function again, the system displays that the account is not locked, and the unlocking operation is not needed. "indicates that the account has been successfully unlocked.
The receiving module 202 is further configured to receive a request for modifying a password from a user.
Specifically, when a user logs in to a windows domain account, for example, searches after inputting AD domain user name information, a desired function, for example, modifying a password, may be selected. Similarly, the system firstly verifies the AD domain user name input by the user, after the verification is passed, the function selected later can be executed, and if the verification fails, the user needs to input again.
The prompting module 203 is further configured to prompt a user to input modification data according to the set modification password mode.
Specifically, when the user selects the modification password function, a plurality of set modification password modes are provided for the user to select. If the dynamic verification code mode is selected, after a user clicks a mail verification code acquisition button, a verification code is dynamically generated according to preset rules, a mail with the verification code is sent to a mailbox corresponding to the account, the user logs in the mailbox to check the verification code sent by the system, then inputs the verification code, then continues to input a new password, the new password is repeatedly input, and the system judges whether the verification code input by the user is correct or not and whether the two-time input new password meets the requirement or not. If the mode of inputting the original password is selected, prompting the user to input the original password, inputting the new password, repeatedly inputting the new password, and judging whether the original password is correct or not and whether the two-time input new password meets the requirement or not after receiving the password input by the user. If the secret security mode is selected, the secret security questions set before are acquired and displayed to the user, the secret security question answers input by the user in an answer column are received, whether the answers are correct or not is judged, when the answers are correct, the user is prompted to input a new password, the new password is repeatedly input, and after the password input by the user is received, whether the two-time input new password meets the requirements is judged. In addition, when the security questions are provided in plural, the user may choose to switch the security questions, for example by clicking a "change one" button.
The verification module 204 receives the modification data and verifies whether the modification was successful.
Specifically, after the user inputs the modification data according to the selected modification password mode, the user clicks a password reset button to modify the password. The system verifies whether the input modification data of the user are correct or not according to the pre-stored password information.
The feedback module 205 is further configured to set the account password to a new password and feed back a prompt for successful modification to the user after successful modification.
Specifically, when the data is modified and input in error, the system prompts related error information, and the correct data is required to be continuously input for password modification. When the modification data is correctly input, the system prompts that the account number password is successfully reset, and the account number password is successfully modified. After the password is successfully reset, when a user selects 'information update' or other functions, a new password is input to log in the system, if the system logs in successfully, the password is successfully reset, otherwise, the password is failed to be reset.
The Windows domain account processing system provided by the embodiment can provide flexible and various account unlocking and password modification modes for Windows domain accounts, such as AD domain accounts, so that the system is convenient for users to use and improves user experience.
Referring to FIG. 3, a program module diagram of a second embodiment of a Windows domain account number processing system 200 according to the present invention is shown. In this embodiment, the Windows domain account processing system 200 further includes a notification module 206 in addition to the setting module 201, the receiving module 202, the prompting module 203, the verifying module 204, and the feedback module 205 in the first embodiment.
The setting module 201 is further configured to set a mail notification sending time.
Specifically, mail notification refers to the system automatically sending a reminder to an account for which the password is about to expire and has expired. The sending time can be set to be any time within M days before the expiration time of the password for mail notification of the account of which the password is about to expire; for mail notification of an account for which the password has expired, the sending time may be set to any time within N days of the expiration of the password, where M and N are positive integers.
In this embodiment, the mail notification sending time rule is converted into the corresponding cron expression, and the specific conversion mode can be configured by using the existing tool or website. And opening a 'SelfService\Web.config' file in the site configuration root directory on the server. Finding an ExpireAccount SendMailJobTimeScheduler field, and modifying the Value of the field as the cron expression. The system automatically updates the mail notification sending time configuration information, and the configuration is completed.
The cron expression is a string of characters, the fields are separated by 5 or 6 spaces and are divided into 6 or 7 fields, each field representing a meaning, and the main syntax format is "Seconds Minutes Hours DayofMonth Month DayofWeek Year" (the date in the date month star in the second minute month) or "Seconds Minutes Hours DayofMonth Month DayofWeek" (the date in the date month star in the second minute hour month). Each field may be allowed to be specific special characters in addition to the corresponding numerical value or english. For example, the character "×" indicates any value that matches the field, such as using "×" in the minerals field, that is, indicating that events are triggered every minute. The character "-" indicates a range, e.g., using "5-20" in the Minutes field, indicating that from 5 Minutes to 20 Minutes trigger once per minute. The character "/" indicates that the start time starts to trigger and then triggers every fixed time, e.g. "5/20" is used in the Minutes field, meaning that the trigger is 5 Minutes and then every 20 Minutes, i.e. 25 Minutes, 45 Minutes, respectively. The character "indicates that enumerated values are listed, e.g." 5,20 "is used in the Minutes field, meaning triggering at 5 Minutes and 20 Minutes. The character "L" indicates that finally, only the dayoffeek and dayoffmontath fields can be presented, e.g. the use of "5L" in the dayoffeek field means triggering on the last thursday.
By converting the set mail notification transmission time rule into the cron expression, setting of an arbitrary time can be achieved. For example, the expression "0 15 10? * MON-FRI "means monday to friday every day 10:15 am trigger. The expression "0 0/5, 14, 18? "means triggering every 5 minutes during 2:00 pm to 2:55 pm and 6:00 pm to 6:55 pm each day.
In this embodiment, the setting module 201 may set the mail notification sending time according to the received setting information input by the user. The user may be an administrator of the domain or a general user. When the user is an administrator, the setting module 201 performs unified setting of transmission time for all accounts in the domain according to an input of the administrator. When the user is a normal user, the setting module 201 sets the corresponding single account individually according to the input of the user, that is, different customized settings can be performed according to the needs and preferences of different users.
The notification module 206 is configured to send a mail notification according to the set sending time and the mail template.
Specifically, the system automatically queries an account with the password about to expire and an account which has expired, and acquires mail address information corresponding to the account. And then generating mail content according to the mail template configured by the system. And finally, automatically sending the mail with the account about to expire or expired reminding to the corresponding mailbox address according to the mail sending time rule configured by the system.
The Windows domain account processing system provided by the embodiment can provide flexible and various account unlocking and password modification modes for Windows domain accounts, such as AD domain accounts, so that the system is convenient for users to use and improves user experience. The method can also set the sending time aiming at the expired account reminding and the mail notification about to expire account reminding, and the mail sending time adopts the cron expression, so that any time rule is supported, and the method is flexible and convenient.
Referring to FIG. 4, a program module diagram of a third embodiment of a Windows domain account number processing system 200 according to the present invention is shown. In this embodiment, the Windows domain account processing system 200 includes an acquisition module 207 and an update module 208 in addition to the setting module 201, the receiving module 202, the prompting module 203, the verification module 204, the feedback module 205 and the notification module 206 in the second embodiment.
The obtaining module 207 is configured to obtain a template file for editing by a user when the user requests to modify the style of the mail notification.
Specifically, after receiving a request of a user, opening a "SelfService\res\html\folder in a site configuration root directory on a server, wherein ExpirieAccount.html is an expired account reminding mail template, and ImminentExpirieAccount.html is an upcoming expired account reminding mail template, and acquiring a template file which the user wants to modify from the template file.
The receiving module 202 is configured to receive a modification of the template content by a user.
Specifically, the user can edit the content of the template file according to the service requirement, wherein $ (userName), win $ (accountName) $ (day), and $ (WebSite) are data transmitted into the system, cannot be modified, and other contents can be edited at will. After the template content editing is completed, the mail content effect can be checked by opening the chrome browser. The modifications can then be edited in real time as desired.
The updating module 208 is configured to update the corresponding template file according to the modification of the user.
Specifically, after the template modification is completed, the template is put back into a "SelfService\res\html\folder in a site configuration root directory on the server, a corresponding original template file in the" SelfService\res\html\folder is replaced, and then the site on the IIS is restarted, so that mail template updating can be completed.
The user may be an administrator of the domain or a general user. When the user is an administrator, the update module 208 performs a unified update of the mail templates for all accounts in the domain according to the administrator's modifications. When the user is a general user, the update module 208 updates the mail style of the corresponding single account according to the modification of the user, so that different customized settings can be performed according to the needs and preferences of different users.
In this embodiment, the system will automatically take effect in real time once all the parameters (password, mail notification time, template) configured above are successfully modified.
The Windows domain account processing system provided by the embodiment can provide flexible and various account unlocking and password modification modes for Windows domain accounts, such as AD domain accounts, so that the system is convenient for users to use and improves user experience. The mail template can be edited at will according to the mail notice of the expired account reminder and the upcoming expired account reminder, the configured style content is checked in real time through the browser, and the style content is changed in real time according to the requirement. The mail sending time can be set, and the mail sending time adopts the cron expression, so that any time rule is supported, and the method is flexible and convenient.
In addition, the invention also provides a Windows domain account processing method.
Referring to fig. 5, a flowchart of a first embodiment of a Windows domain account processing method according to the present invention is shown. In this embodiment, the execution sequence of the steps in the flowchart shown in fig. 5 may be changed, and some steps may be omitted according to different requirements.
The method comprises the following steps:
step S500, an unlocking mode and a password modifying mode are set.
Specifically, the embodiment supports three modes for unlocking the account, namely, dynamic verification codes are obtained through mails; secondly, other information of the account number is input, including 6 bits after the identification card number and employee numbers; thirdly, inputting an answer to the security question.
Meanwhile, the embodiment also supports three modes for password modification, namely, dynamic verification codes are verified through mails; secondly, inputting an original account number password; thirdly, inputting an answer to the security question.
According to the unlocking mode and the password mode, corresponding account information and password information are also required to be set and stored. For example, a mailbox corresponding to the account, a dynamic verification code generation rule, a 6-bit/employee number after the identification card number, a password requirement, an original password, a secret protection question, a corresponding answer and the like.
Step S502, an account unlocking request of a user is received.
Specifically, when a user logs in a windows domain account, for example, searches after inputting AD domain user name information, a required function, for example, account unlocking, may be selected. The system firstly verifies the AD domain user name input by the user, and can execute the function selected later after the verification is passed, and the user needs to input again after the verification fails.
Step S504, the user is prompted to input unlocking data according to the set unlocking mode.
Specifically, when the account unlocking function is selected by the user, a plurality of unlocking modes are provided for the user to select. If the dynamic verification code mode is selected, after a user clicks a mail verification code acquisition button, a verification code is dynamically generated according to preset rules, a mail with the verification code is sent to a mailbox corresponding to the account, the user logs in the mailbox to check the verification code sent by the system and then inputs the verification code, and the system judges whether the verification code input by the user is correct or not. If the mode of 'other information' is selected, the user is further prompted to select the information type (comprising 6 bits after the identification card number or employee number and the like), the selection of the user and the information input correspondingly are received, and then whether the information input by the user is correct or not is verified. If the 'use secret protection' mode is selected, the secret protection questions set before are acquired and displayed to the user, the secret protection question answers input by the user in the answer column are received, and whether the answers are correct or not is judged. In addition, when the security questions are provided in plural, the user may choose to switch the security questions, for example by clicking a "change one" button.
Step S506, receiving unlocking data and verifying whether the unlocking is successful.
Specifically, after the user inputs unlocking data according to the selected unlocking mode, clicking an account unlocking button to unlock the account. And the system verifies whether the input unlocking data of the user are correct or not according to the pre-stored account information.
Step S508, after the unlocking is successful, a prompt of the successful unlocking is fed back to the user.
When unlocking data is input incorrectly, the system prompts related error information, and correct data is required to be continuously input to unlock the account. When the unlocking data is correctly input, the system prompts that the account unlocking is successful, and the account unlocking is successful. And after the unlocking is successful, the windows domain account main page can be accessed. After the unlocking is successful, if the user clicks the account unlocking function again, the system displays that the account is not locked, and the unlocking operation is not needed. "indicates that the account has been successfully unlocked.
Step S510, a request for modifying the password is received.
Specifically, when a user logs in to a windows domain account, for example, searches after inputting AD domain user name information, a desired function, for example, modifying a password, may be selected. Similarly, the system firstly verifies the AD domain user name input by the user, after the verification is passed, the function selected later can be executed, and if the verification fails, the user needs to input again.
Step S512, prompting the user to input modification data according to the set modification password mode.
Specifically, when the user selects the modification password function, a plurality of set modification password modes are provided for the user to select. If the dynamic verification code mode is selected, after a user clicks a mail verification code acquisition button, a verification code is dynamically generated according to preset rules, a mail with the verification code is sent to a mailbox corresponding to the account, the user logs in the mailbox to check the verification code sent by the system, then inputs the verification code, then continues to input a new password, the new password is repeatedly input, and the system judges whether the verification code input by the user is correct or not and whether the two-time input new password meets the requirement or not. If the mode of inputting the original password is selected, prompting the user to input the original password, inputting the new password, repeatedly inputting the new password, and judging whether the original password is correct or not and whether the two-time input new password meets the requirement or not after receiving the password input by the user. If the secret security mode is selected, the secret security questions set before are acquired and displayed to the user, the secret security question answers input by the user in an answer column are received, whether the answers are correct or not is judged, when the answers are correct, the user is prompted to input a new password, the new password is repeatedly input, and after the password input by the user is received, whether the two-time input new password meets the requirements is judged. In addition, when the security questions are provided in plural, the user may choose to switch the security questions, for example by clicking a "change one" button.
Step S514, receiving the modification data and verifying whether the modification is successful.
Specifically, after the user inputs the modification data according to the selected modification password mode, the user clicks a password reset button to modify the password. The system verifies whether the input modification data of the user are correct or not according to the pre-stored password information.
Step S516, when the modification is successful, the account password is set to be a new password and a prompt for the successful modification is fed back to the user.
Specifically, when the data is modified and input in error, the system prompts related error information, and the correct data is required to be continuously input for password modification. When the modification data is correctly input, the system prompts that the account number password is successfully reset, and the account number password is successfully modified. After the password is successfully reset, when a user selects 'information update' or other functions, a new password is input to log in the system, if the system logs in successfully, the password is successfully reset, otherwise, the password is failed to be reset.
The Windows domain account processing method provided by the embodiment can provide flexible and various account unlocking and password modification modes for Windows domain accounts, such as AD domain accounts, is convenient for users to use, and improves user experience.
Fig. 6 is a schematic flow chart of a second embodiment of the Windows domain account processing method of the present invention. In this embodiment, steps S600-S616 of the Windows domain account processing method are similar to steps S500-S516 of the first embodiment, except that the method further includes steps S618-S620.
The method comprises the following steps:
step S600, an unlocking mode and a password modifying mode are set.
Specifically, the embodiment supports three modes for unlocking the account, namely, dynamic verification codes are obtained through mails; secondly, other information of the account number is input, including 6 bits after the identification card number and employee numbers; thirdly, inputting an answer to the security question.
Meanwhile, the embodiment also supports three modes for password modification, namely, dynamic verification codes are verified through mails; secondly, inputting an original account number password; thirdly, inputting an answer to the security question.
According to the unlocking mode and the password mode, corresponding account information and password information are also required to be set and stored. For example, a mailbox corresponding to the account, a dynamic verification code generation rule, a 6-bit/employee number after the identification card number, a password requirement, an original password, a secret protection question, a corresponding answer and the like.
Step S602, an account unlocking request of a user is received.
Specifically, when a user logs in a windows domain account, for example, searches after inputting AD domain user name information, a required function, for example, account unlocking, may be selected. The system firstly verifies the AD domain user name input by the user, and can execute the function selected later after the verification is passed, and the user needs to input again after the verification fails.
Step S604, the user is prompted to input unlocking data according to the set unlocking mode.
Specifically, when the account unlocking function is selected by the user, a plurality of unlocking modes are provided for the user to select. If the dynamic verification code mode is selected, after a user clicks a mail verification code acquisition button, a verification code is dynamically generated according to preset rules, a mail with the verification code is sent to a mailbox corresponding to the account, the user logs in the mailbox to check the verification code sent by the system and then inputs the verification code, and the system judges whether the verification code input by the user is correct or not. If the mode of 'other information' is selected, the user is further prompted to select the information type (comprising 6 bits after the identification card number or employee number and the like), the selection of the user and the information input correspondingly are received, and then whether the information input by the user is correct or not is verified. If the 'use secret protection' mode is selected, the secret protection questions set before are acquired and displayed to the user, the secret protection question answers input by the user in the answer column are received, and whether the answers are correct or not is judged. In addition, when the security questions are provided in plural, the user may choose to switch the security questions, for example by clicking a "change one" button.
Step S606, receiving unlocking data and verifying whether the unlocking is successful.
Specifically, after the user inputs unlocking data according to the selected unlocking mode, clicking an account unlocking button to unlock the account. And the system verifies whether the input unlocking data of the user are correct or not according to the pre-stored account information.
Step S608, after the unlocking is successful, a prompt of the successful unlocking is fed back to the user.
When unlocking data is input incorrectly, the system prompts related error information, and correct data is required to be continuously input to unlock the account. When the unlocking data is correctly input, the system prompts that the account unlocking is successful, and the account unlocking is successful. And after the unlocking is successful, the windows domain account main page can be accessed. After the unlocking is successful, if the user clicks the account unlocking function again, the system displays that the account is not locked, and the unlocking operation is not needed. "indicates that the account has been successfully unlocked.
Step S610, a request for modifying a password is received from a user.
Specifically, when a user logs in to a windows domain account, for example, searches after inputting AD domain user name information, a desired function, for example, modifying a password, may be selected. Similarly, the system firstly verifies the AD domain user name input by the user, after the verification is passed, the function selected later can be executed, and if the verification fails, the user needs to input again.
Step S612, prompting the user to input modification data according to the set modification password mode.
Specifically, when the user selects the modification password function, a plurality of set modification password modes are provided for the user to select. If the dynamic verification code mode is selected, after a user clicks a mail verification code acquisition button, a verification code is dynamically generated according to preset rules, a mail with the verification code is sent to a mailbox corresponding to the account, the user logs in the mailbox to check the verification code sent by the system, then inputs the verification code, then continues to input a new password, the new password is repeatedly input, and the system judges whether the verification code input by the user is correct or not and whether the two-time input new password meets the requirement or not. If the mode of inputting the original password is selected, prompting the user to input the original password, inputting the new password, repeatedly inputting the new password, and judging whether the original password is correct or not and whether the two-time input new password meets the requirement or not after receiving the password input by the user. If the secret security mode is selected, the secret security questions set before are acquired and displayed to the user, the secret security question answers input by the user in an answer column are received, whether the answers are correct or not is judged, when the answers are correct, the user is prompted to input a new password, the new password is repeatedly input, and after the password input by the user is received, whether the two-time input new password meets the requirements is judged. In addition, when the security questions are provided in plural, the user may choose to switch the security questions, for example by clicking a "change one" button.
Step S614, receiving the modification data and verifying whether the modification is successful.
Specifically, after the user inputs the modification data according to the selected modification password mode, the user clicks a password reset button to modify the password. The system verifies whether the input modification data of the user are correct or not according to the pre-stored password information.
Step S616, when the modification is successful, the account password is set as a new password and a prompt for the successful modification is fed back to the user.
Specifically, when the data is modified and input in error, the system prompts related error information, and the correct data is required to be continuously input for password modification. When the modification data is correctly input, the system prompts that the account number password is successfully reset, and the account number password is successfully modified. After the password is successfully reset, when a user selects 'information update' or other functions, a new password is input to log in the system, if the system logs in successfully, the password is successfully reset, otherwise, the password is failed to be reset.
Step S618, the mail notification transmission time is set.
Specifically, mail notification refers to the system automatically sending a reminder to an account for which the password is about to expire and has expired. The sending time can be set to be any time within M days before the expiration time of the password for mail notification of the account of which the password is about to expire; for mail notification of an account for which the password has expired, the sending time may be set to any time within N days of the expiration of the password, where M and N are positive integers.
In this embodiment, the mail notification sending time rule is converted into the corresponding cron expression, and the specific conversion mode can be configured by using the existing tool or website. And opening a 'SelfService\Web.config' file in the site configuration root directory on the server. Finding an ExpireAccount SendMailJobTimeScheduler field, and modifying the Value of the field as the cron expression. The system automatically updates the mail notification sending time configuration information, and the configuration is completed.
The cron expression is a string of characters, the fields are separated by 5 or 6 spaces and are divided into 6 or 7 fields, each field representing a meaning, and the main syntax format is "Seconds Minutes Hours DayofMonth Month DayofWeek Year" (the date in the date month star in the second minute month) or "Seconds Minutes Hours DayofMonth Month DayofWeek" (the date in the date month star in the second minute hour month). Each field may be allowed to be specific special characters in addition to the corresponding numerical value or english. For example, the character "×" indicates any value that matches the field, such as using "×" in the minerals field, that is, indicating that events are triggered every minute. The character "-" indicates a range, e.g., using "5-20" in the Minutes field, indicating that from 5 Minutes to 20 Minutes trigger once per minute. The character "/" indicates that the start time starts to trigger and then triggers every fixed time, e.g. "5/20" is used in the Minutes field, meaning that the trigger is 5 Minutes and then every 20 Minutes, i.e. 25 Minutes, 45 Minutes, respectively. The character "indicates that enumerated values are listed, e.g." 5,20 "is used in the Minutes field, meaning triggering at 5 Minutes and 20 Minutes. The character "L" indicates that finally, only the dayoffeek and dayoffmontath fields can be presented, e.g. the use of "5L" in the dayoffeek field means triggering on the last thursday.
By converting the set mail notification transmission time rule into the cron expression, setting of an arbitrary time can be achieved. For example, the expression "0 15 10? * MON-FRI "means monday to friday every day 10:15 am trigger. The expression "0 0/5, 14, 18? "means triggering every 5 minutes during 2:00 pm to 2:55 pm and 6:00 pm to 6:55 pm each day.
In this embodiment, the mail notification transmission time may be set according to the received setting information input by the user. The user may be an administrator of the domain or a general user. When the user is an administrator, the unified setting of the transmission time is performed for all accounts in the domain according to the input of the administrator. When the user is a common user, the corresponding single account is independently set according to the input of the user, and different customized settings can be carried out according to the requirements and the preference of different users.
Step S620, sending mail notification according to the set sending time and the mail template.
Specifically, the system automatically queries an account with the password about to expire and an account which has expired, and acquires mail address information corresponding to the account. And then generating mail content according to the mail template configured by the system. And finally, automatically sending the mail with the account about to expire or expired reminding to the corresponding mailbox address according to the mail sending time rule configured by the system.
The Windows domain account processing method provided by the embodiment can provide flexible and various account unlocking and password modification modes for Windows domain accounts, such as AD domain accounts, is convenient for users to use, and improves user experience. The method can also set the sending time aiming at the expired account reminding and the mail notification about to expire account reminding, and the mail sending time adopts the cron expression, so that any time rule is supported, and the method is flexible and convenient.
Fig. 7 is a schematic flow chart of a third embodiment of the Windows domain account processing method of the present invention. In this embodiment, steps S700 to S720 of the Windows domain account processing method are similar to steps S600 to S620 of the second embodiment, except that the method further includes steps S722 to S726.
The method comprises the following steps:
step S700, an unlocking mode and a password modifying mode are set.
Specifically, the embodiment supports three modes for unlocking the account, namely, dynamic verification codes are obtained through mails; secondly, other information of the account number is input, including 6 bits after the identification card number and employee numbers; thirdly, inputting an answer to the security question.
Meanwhile, the embodiment also supports three modes for password modification, namely, dynamic verification codes are verified through mails; secondly, inputting an original account number password; thirdly, inputting an answer to the security question.
According to the unlocking mode and the password mode, corresponding account information and password information are also required to be set and stored. For example, a mailbox corresponding to the account, a dynamic verification code generation rule, a 6-bit/employee number after the identification card number, a password requirement, an original password, a secret protection question, a corresponding answer and the like.
Step S702, an account unlocking request of a user is received.
Specifically, when a user logs in a windows domain account, for example, searches after inputting AD domain user name information, a required function, for example, account unlocking, may be selected. The system firstly verifies the AD domain user name input by the user, and can execute the function selected later after the verification is passed, and the user needs to input again after the verification fails.
Step S704, the user is prompted to input unlocking data according to the set unlocking mode.
Specifically, when the account unlocking function is selected by the user, a plurality of unlocking modes are provided for the user to select. If the dynamic verification code mode is selected, after a user clicks a mail verification code acquisition button, a verification code is dynamically generated according to preset rules, a mail with the verification code is sent to a mailbox corresponding to the account, the user logs in the mailbox to check the verification code sent by the system and then inputs the verification code, and the system judges whether the verification code input by the user is correct or not. If the mode of 'other information' is selected, the user is further prompted to select the information type (comprising 6 bits after the identification card number or employee number and the like), the selection of the user and the information input correspondingly are received, and then whether the information input by the user is correct or not is verified. If the 'use secret protection' mode is selected, the secret protection questions set before are acquired and displayed to the user, the secret protection question answers input by the user in the answer column are received, and whether the answers are correct or not is judged. In addition, when the security questions are provided in plural, the user may choose to switch the security questions, for example by clicking a "change one" button.
Step S706, receiving the unlocking data and verifying whether the unlocking is successful.
Specifically, after the user inputs unlocking data according to the selected unlocking mode, clicking an account unlocking button to unlock the account. And the system verifies whether the input unlocking data of the user are correct or not according to the pre-stored account information.
Step S708, after the unlocking is successful, a prompt of the successful unlocking is fed back to the user.
When unlocking data is input incorrectly, the system prompts related error information, and correct data is required to be continuously input to unlock the account. When the unlocking data is correctly input, the system prompts that the account unlocking is successful, and the account unlocking is successful. And after the unlocking is successful, the windows domain account main page can be accessed. After the unlocking is successful, if the user clicks the account unlocking function again, the system displays that the account is not locked, and the unlocking operation is not needed. "indicates that the account has been successfully unlocked.
Step S710, a password modification request of a user is received.
Specifically, when a user logs in to a windows domain account, for example, searches after inputting AD domain user name information, a desired function, for example, modifying a password, may be selected. Similarly, the system firstly verifies the AD domain user name input by the user, after the verification is passed, the function selected later can be executed, and if the verification fails, the user needs to input again.
Step S712, prompting the user to input modification data according to the set modification password mode.
Specifically, when the user selects the modification password function, a plurality of set modification password modes are provided for the user to select. If the dynamic verification code mode is selected, after a user clicks a mail verification code acquisition button, a verification code is dynamically generated according to preset rules, a mail with the verification code is sent to a mailbox corresponding to the account, the user logs in the mailbox to check the verification code sent by the system, then inputs the verification code, then continues to input a new password, the new password is repeatedly input, and the system judges whether the verification code input by the user is correct or not and whether the two-time input new password meets the requirement or not. If the mode of inputting the original password is selected, prompting the user to input the original password, inputting the new password, repeatedly inputting the new password, and judging whether the original password is correct or not and whether the two-time input new password meets the requirement or not after receiving the password input by the user. If the secret security mode is selected, the secret security questions set before are acquired and displayed to the user, the secret security question answers input by the user in an answer column are received, whether the answers are correct or not is judged, when the answers are correct, the user is prompted to input a new password, the new password is repeatedly input, and after the password input by the user is received, whether the two-time input new password meets the requirements is judged. In addition, when the security questions are provided in plural, the user may choose to switch the security questions, for example by clicking a "change one" button.
Step S714, the modification data is received and it is verified whether the modification is successful.
Specifically, after the user inputs the modification data according to the selected modification password mode, the user clicks a password reset button to modify the password. The system verifies whether the input modification data of the user are correct or not according to the pre-stored password information.
Step S716, when the modification is successful, setting the account password as a new password and feeding back a prompt of the successful modification to the user.
Specifically, when the data is modified and input in error, the system prompts related error information, and the correct data is required to be continuously input for password modification. When the modification data is correctly input, the system prompts that the account number password is successfully reset, and the account number password is successfully modified. After the password is successfully reset, when a user selects 'information update' or other functions, a new password is input to log in the system, if the system logs in successfully, the password is successfully reset, otherwise, the password is failed to be reset.
Step S718, setting mail notification transmission time.
Specifically, mail notification refers to the system automatically sending a reminder to an account for which the password is about to expire and has expired. The sending time can be set to be any time within M days before the expiration time of the password for mail notification of the account of which the password is about to expire; for mail notification of an account for which the password has expired, the sending time may be set to any time within N days of the expiration of the password, where M and N are positive integers.
In this embodiment, the mail notification sending time rule is converted into the corresponding cron expression, and the specific conversion mode can be configured by using the existing tool or website. And opening a 'SelfService\Web.config' file in the site configuration root directory on the server. Finding an ExpireAccount SendMailJobTimeScheduler field, and modifying the Value of the field as the cron expression. The system automatically updates the mail notification sending time configuration information, and the configuration is completed.
By converting the set mail notification transmission time rule into the cron expression, setting of an arbitrary time can be achieved. For example, the expression "0 15 10? * MON-FRI "means monday to friday every day 10:15 am trigger. The expression "0 0/5, 14, 18? "means triggering every 5 minutes during 2:00 pm to 2:55 pm and 6:00 pm to 6:55 pm each day.
In this embodiment, the mail notification transmission time may be set according to the received setting information input by the user. The user may be an administrator of the domain or a general user. When the user is an administrator, the unified setting of the transmission time is performed for all accounts in the domain according to the input of the administrator. When the user is a common user, the corresponding single account is independently set according to the input of the user, and different customized settings can be carried out according to the requirements and the preference of different users.
Step S720, sending mail notification according to the set sending time and the mail template.
Specifically, the system automatically queries an account with the password about to expire and an account which has expired, and acquires mail address information corresponding to the account. And then generating mail content according to the mail template configured by the system. And finally, automatically sending the mail with the account about to expire or expired reminding to the corresponding mailbox address according to the mail sending time rule configured by the system.
In step S722, when the user requests to modify the style of the mail notification, the template file is acquired for editing by the user.
Specifically, after receiving a request of a user, opening a "SelfService\res\html\folder in a site configuration root directory on a server, wherein ExpirieAccount.html is an expired account reminding mail template, and ImminentExpirieAccount.html is an upcoming expired account reminding mail template, and acquiring a template file which the user wants to modify from the template file.
Step S724, a modification of the template content by the user is received.
Specifically, the user can edit the content of the template file according to the service requirement, wherein $ (userName), win $ (accountName) $ (day), and $ (WebSite) are data transmitted into the system, cannot be modified, and other contents can be edited at will. And receiving the edited content of the template file by the user, and displaying the real-time mail content effect to the user through the chrome browser after the template content is edited. The user can then continue editing and modifying the mail content in real time as desired.
Step S726, updating the corresponding template file according to the user modification.
Specifically, after the template modification is completed, the template is put back into a "SelfService\res\html\folder in a site configuration root directory on the server, a corresponding original template file in the" SelfService\res\html\folder is replaced, and then the site on the IIS is restarted, so that mail template updating can be completed.
The user may be an administrator of the domain or a general user. When the user is an administrator, the unified updating of the mail templates is performed on all accounts in the domain according to the modification of the administrator. When the user is a common user, the mail style of the corresponding single account is updated independently according to the modification of the user, and different customized settings can be performed according to the requirements and the preference of different users.
In this embodiment, the system will automatically take effect in real time once all the parameters (password, mail notification time, template) configured above are successfully modified.
The Windows domain account processing method provided by the embodiment can provide flexible and various account unlocking and password modification modes for Windows domain accounts, such as AD domain accounts, is convenient for users to use, and improves user experience. The mail template can be edited at will according to the mail notice of the expired account reminder and the upcoming expired account reminder, the configured style content is checked in real time through the browser, and the style content is changed in real time according to the requirement. The mail sending time can be set, and the mail sending time adopts the cron expression, so that any time rule is supported, and the method is flexible and convenient.
The present invention also provides another embodiment, namely, a computer readable storage medium, where a Windows domain account processing program is stored, where the Windows domain account processing program may be executed by at least one processor, so that the at least one processor performs the steps of the Windows domain account processing method as described above.
The foregoing embodiment numbers of the present invention are merely for the purpose of description, and do not represent the advantages or disadvantages of the embodiments.
From the above description of the embodiments, it will be clear to those skilled in the art that the above-described embodiment method may be implemented by means of software plus a necessary general hardware platform, but of course may also be implemented by means of hardware, but in many cases the former is a preferred embodiment. Based on such understanding, the technical solution of the present invention may be embodied essentially or in a part contributing to the prior art in the form of a software product stored in a storage medium (e.g. ROM/RAM, magnetic disk, optical disk) comprising instructions for causing a terminal device (which may be a mobile phone, a computer, a server, an air conditioner, or a network device, etc.) to perform the method according to the embodiments of the present invention.
The foregoing description is only of the preferred embodiments of the present invention, and is not intended to limit the scope of the invention, but rather is intended to cover any equivalents of the structures or equivalent processes disclosed herein or in the alternative, which may be employed directly or indirectly in other related arts.

Claims (7)

1. The Windows domain account processing method is characterized by comprising the following steps:
setting an unlocking mode and a password modifying mode of the Windows domain account;
receiving an account unlocking request of a user;
prompting a user to input unlocking data according to the set unlocking mode;
receiving unlocking data and verifying whether the unlocking is successful;
after successful unlocking, a prompt of successful unlocking is fed back to the user;
receiving a password modifying request of a user;
prompting a user to input modification data according to a set modification password mode, wherein when the modification password mode is mail notification, the set mail notification sending time rule is converted into a cron expression, setting of any time is executed by using the cron expression, all accounts of the Windows domain are uniformly set according to the input of an administrator, or customized setting is carried out on a single account corresponding to a user according to the input of a common user;
After receiving a request of modifying mail notification style of a user, opening a specific folder in a site configuration root directory on a server, and acquiring a template file which the user wants to modify from an expired account reminding mail template and an upcoming expired account reminding mail template stored in the specific folder;
receiving a modification of the template file by a user;
after the template file is modified, transmitting the template file back to the specific folder, and restarting the server site on the ISS to complete mail template updating;
receiving modification data and verifying whether the modification is successful; a kind of electronic device with high-pressure air-conditioning system
And when the modification is successful, setting the account password as a new password and feeding back a prompt of the successful modification to the user.
2. The Windows domain account number processing method of claim 1, further comprising the steps of:
setting the sending time of mail notification for an account of which the password is about to expire and has expired, wherein the sending time is set to be any time within M days before the expiration period of the password for the mail notification of the account of which the password is about to expire; the mail notification of the account with the expired password is sent at any time within N days exceeding the expiration period of the password, wherein M and N are positive integers;
And sending the mail notification according to the set sending time and the preset mail template.
3. The method for processing a Windows domain account number according to claim 1 or 2, wherein the unlocking mode includes: and unlocking through a mail dynamic verification code, unlocking through 6 digits after the identification card number is input or unlocking through the employee number, and unlocking through inputting an answer to the security question.
4. The method for processing Windows domain account number according to claim 1 or 2, wherein the modifying the cryptographic scheme includes: the dynamic verification code modification, the original password modification of the input account number and the answer modification of the secret and secure questions are input through the mail.
5. The Windows domain account processing method of claim 1 wherein the step of obtaining a template file for editing by a user when the user requests modification of a style of mail notification, and receiving the user modification of the template content comprises:
when the user requests to modify the style of the mail notification, the template file is obtained from the site configuration root directory on the server and provided for the user to edit;
receiving the editing content of the template file by a user;
displaying the real-time mail content effect to the user through the browser;
and receiving real-time modification of the mail content by the user.
6. A server, characterized in that the server comprises a memory and a processor, wherein a Windows domain account processing system capable of running on the processor is stored in the memory, and the Windows domain account processing system implements the steps of the Windows domain account processing method according to any one of claims 1-5 when being executed by the processor.
7. A computer readable storage medium storing a Windows domain account processing system executable by at least one processor to cause the at least one processor to perform the steps of the Windows domain account processing method of any one of claims 1-5.
CN201910593822.8A 2019-07-02 2019-07-02 Windows domain account processing method, server and computer readable storage medium Active CN110445754B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910593822.8A CN110445754B (en) 2019-07-02 2019-07-02 Windows domain account processing method, server and computer readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910593822.8A CN110445754B (en) 2019-07-02 2019-07-02 Windows domain account processing method, server and computer readable storage medium

Publications (2)

Publication Number Publication Date
CN110445754A CN110445754A (en) 2019-11-12
CN110445754B true CN110445754B (en) 2023-04-28

Family

ID=68428531

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910593822.8A Active CN110445754B (en) 2019-07-02 2019-07-02 Windows domain account processing method, server and computer readable storage medium

Country Status (1)

Country Link
CN (1) CN110445754B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113707155B (en) * 2020-05-22 2024-06-14 中山市富深家用制品有限公司 Voice password modification method and device
CN112131550B (en) * 2020-09-30 2024-05-10 深圳软牛科技有限公司 Windows system unlocking method and device, electronic equipment and computer readable medium
CN115733612A (en) * 2022-11-23 2023-03-03 广州启睿信息科技有限公司 Method, system, equipment and storage medium for AD domain account password modification

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107172087A (en) * 2017-06-30 2017-09-15 北京小米移动软件有限公司 Verification method, device and storage medium based on checking mail
CN109587040A (en) * 2018-12-19 2019-04-05 广东万丈金数信息技术股份有限公司 Mail processing method, system, computer device and storage medium

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9591008B2 (en) * 2015-03-06 2017-03-07 Imperva, Inc. Data access verification for enterprise resources
WO2017078682A1 (en) * 2015-11-03 2017-05-11 Hewlett Packard Enterprise Development Lp Password modifications
CN107645467A (en) * 2016-07-20 2018-01-30 平安科技(深圳)有限公司 Password amending method and device

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107172087A (en) * 2017-06-30 2017-09-15 北京小米移动软件有限公司 Verification method, device and storage medium based on checking mail
CN109587040A (en) * 2018-12-19 2019-04-05 广东万丈金数信息技术股份有限公司 Mail processing method, system, computer device and storage medium

Also Published As

Publication number Publication date
CN110445754A (en) 2019-11-12

Similar Documents

Publication Publication Date Title
US10805307B1 (en) Multiple data store authentication
CN110445754B (en) Windows domain account processing method, server and computer readable storage medium
EP2109955B1 (en) Provisioning of digital identity representations
US8407767B2 (en) Provisioning of digital identity representations
US6314425B1 (en) Apparatus and methods for use of access tokens in an internet document management system
JP4488953B2 (en) Password policy management server
US9305160B2 (en) Method and system for automatic updating of randomly generated user passwords
US7278155B2 (en) Single sign-on system for application program
US10931673B2 (en) Policy activation for client applications
EP1102157B1 (en) Method and arrangement for secure login in a telecommunications system
CN109416713B (en) Authentication system and non-transitory information recording medium
US11212273B1 (en) Central cryptographic management for computer systems
CN111343168B (en) Identity authentication method and device, computer equipment and readable storage medium
US8341616B2 (en) Updating digitally signed active content elements without losing attributes associated with an original signing user
JP2005527909A (en) User authentication method and system using e-mail address and hardware information
CN103370901A (en) Long-term-signature terminal, long-term-signature server, long-term-signature terminal program, and long-term-signature server program
CN104767900A (en) INFORMATION PROCESSING APPARATUS and INFORMATION PROCESSING METHOD
DE102004048959A1 (en) Information processing apparatus, authentication processing program and authentication storage apparatus
US20170279791A1 (en) Communication apparatus, reminder apparatus, and information recording medium
JP3770173B2 (en) Common key management system and common key management method
CN111767200B (en) Method, device and computer equipment for processing service based on service log
JP2001202332A (en) Authentication program managing system
CN112367339B (en) System security login management method and device
CN114461945A (en) Social application processing method and system based on micro-service architecture
CN111428461A (en) Document delivery process certificate storage method and device, computer equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant