Appreciated!

>>>This is all either detailed API or ADSI; both can handle this, as long as authentication as opposed to actually changing the current session's user context is the goal. ADSI can manipulate passwords through the IADsUser object's ChangePassword method; there's detailed C++ code in the MSDN library.
>>>
>>>Also check the topics IADsUser, IADsUser Property Methods, ADSI Error Codes in the library. It's on the Web somewhere on the MSDN site, but there's several hundred pages of docs. A good book on the topic is "ADSI ASP Programmer's Reference" from WROX Press - see the link in my .sig
>>
>>Does ISAPI have anything to do with authorization? I've often wondered, " How would a local VFP client engage a particular server's ISAPI? Does the connect automatically start an ISAPI (if he's the guy?) session?". I'm still wondering <g>.
>
>No need to wonder - check the MSDN Library under ISAPI; security context. The following is cut from the MSDN ref:

---

>Passing Security Context
>Windows establishes a security context for each logged on user. When IIS receives a request from a client, it authenticates the request and then impersonates the client. While IIS is impersonating the client, IIS operates within the confines of the authenticated client's security context. This security context may change during the various stages of request processing, depending on the nature of the client request. The following diagram illustrates the various security contexts that may play a part in request processing.
>
>< diagram explaining things visually here >
>
>The security context of the IIS process (inetinfo) is known as LocalSystem. However, when IIS is processing a client request, it will impersonate the context of the client that generated the request. If the client is authenticated with the Anonymous authentication scheme, the security context will be IUSR_machinename for in process applications and IWAM_machinename for applications running in an isolated process. If the client is authenticated with any other authentication scheme, the security context will map to the individual account of the client.