Main Nav

Message from

<?xml version="1.0" encoding="UTF-8"?>
Following the same sentiment Bill shared, I too cannot find the notes I took on a question. Would anyone have a resource they would recommend to manage giving folks the ability to change an active directory password from a remote location?


Donna Dayton
Director of Technology
Cate School
1960 Cate Mesa Rd.
Carpinteria, CA 93013
805.684.4127 ext. 268
********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at


The ManageEngine tool is nice, but a bit pricey!

We get this ability as part of our Google Apps Single-Sign-On tool from LTech (which was not cheap initially, but in the long term has more than paid for itself).  

If you are adventurous, you can do this yourself -- configure both an ADFS and a FIM server (ADFS = Active Directory Federation Server, FIM = Forefront Identity Manager) and you'll get SSO with any SAMLv2-compliant site (Google Apps among them) and the web-based password change ability.

We are eventually going to move in this direction and away from our LTech solution since the LTech solution only works for Google Apps SSO and doesn't support other SAMLv2 services.  We learned this recently when we activated our Druva laptop backup service and couldn't get the SSO to work with our current sign-on page.  So, we spun up an ADFS server and voilá, SSO to Druva.  Now, we just need to get the FIM configured and we'll be able to switch over to a new SSO page that will take care of SSO to Google Apps and Druva, all on the same page.


Christopher Butler
Director of Information Services
St. John's Preparatory School