Have you looked at http://codeplex.com/cks? I think that the User Group Edition
(UGE) has examples of self registration and change  password. If not, we have a
Web Part that we used to give away. I'll have to look it up but you are welcome
to it.

The CKS:IEE has the web parts for self-registration and FBA User Administration.
However, those web parts require a functional, configured FBA authentication
provider.

I did this for one client in the past simply by implementing a custom Login.aspx
page that included the standard ASP.NET 2.0 User Registration Wizard and
Password change  controls. In that case we implemented  the FBA environment  using
the LDAPmembership provider. Did you use the LDAP provider, the AD provider, or
did you create your own?

I try to understand, but it seems it work only if you have installed completed
CKS. I will be thankful if you provide me webparts.

Unless I have missed something, using ADAM as it exists out of the
box you cannot implement  a password  retrieval mechanism as ADAM does
not allow the retrieval of passwords.

We created a custom attribute to store a "mirrored" coppy of the
password (encrypted of course). This may seem a bit redundant, but
this allows things such as the ActiveDirectoryMembershipProvider to
work with a standard configuration (it uses the internal password) as
well as being able to use the password for things like Single Sign On
(SSO). We could have implemented  a password retrieval mechanism but
we chose not to (at least not for now).

I could share code  but there really isn't anything fancy about what
we have done (just a lot of LDAP programming using classes from the
System.DirectoryServices namespace).

SQL membership providers don't store passwords either, they only store a HASH
code for the password. So the ASP.NET password  retrieval control is setup to
reset the password to a randomly generated one and send that as the "RESET"
password.

Well, you can configure the SQLMembership provider to store the passwords in
clear text, it is just not recommended.

You can also configure the SqlMembershipProvider to store passwords
in an encrypted format (with a symmetric algorithm) which enables
password retrieval.

Understood. The point was that the default is HASH, but properly configured the
Password retrieval control still works. The original question suggested the
control couldn't be used because of the way ADAM stores (or doesn't store)
passwords. I was merely giving an example that proves it does work with FBA
providers that don't store the password.

I am using ADAM (Active Directory Acess Module)

I understand that you are using ADAM as the directory. But which ASP.NET
membership provider did you implement  and point at ADAM? There are several
available. You could have used the generic LDAPmembership provider, or the
ADmembership provider. Or you could have written your own custom provider. The
parameters you need to set on the provider are different depending which one you
used.

If it is not against your ethics, can you please share the code? I am mainly
interested in Change password  as well reset password.

The following code  snippet is what I use...

object[] parameters = null;

parameters = new object[1];
parameters[0] = "password";

try
{
de.Invoke("SetPassword", parameters);
}
catch
{
;
}

The string "password" should be replaced with the desired password.
The de object is a DirectoryEntry object representing the (user)
object you want to set or change  the password  for. You should also
add code to the catch block but what is added will be up to you.

This will set what I call the internal password (the one that cannot
be retrieved). As mentioned, we store a "mirrored" copy of the
password in another attribute. This is set just like any other
attribute (using a custom encryption component in our case).

There a few things I would like to mention in case you are not
already aware of them (please disregard them if you are).

First, if you use the code above, by default, you must make a
connection to ADAM via SSL. Configuring a certificate for use with
ADAM is not too bad once you have done it a time or two. You can set
a flag so that password resets will work over a non-secure port but
this is not recommended for a production environment.

Second, when setting a password in ADAM, the password policy of all
accounts in ADAM is inherited from the password policy for the
account (NETWORK SERVICE, domain account, etc.) that is used to run
the ADAM service.

Third, there is a book titled "The .NET Developer's Guide to
Directory Services Programming" available. I do not own this book
personally but I have been told it is good. A consultant that helped
us once had this book which is what he used to help me figure out the
code above. The web site for this book
(http://www.directoryprogramming.net) has a good forum to post
questions. I think this site is really intended for discussions
about the book but one of the authors (Joe Kaplan) is nice enough to
answer other questions (and has done so a number of times for me).
This is a bit off topic but if you ever find yourself working  with
(swearing at) the ADFS product, this site has an excellent forum for
this product as well.

Here is my code, am able to add web part but once I click for submit, it is
giving me following error
"Password couldn't be changed due to restrictionsUnknown error (0x80005000)"

Please advise
****** code  Start
try{//change password  for the forms auth user//output.Text +=
strLoginName;//MembershipUser mUser =
Membership.GetUser(GetUserName());DirectoryEntryentry =
newDirectoryEntry("LDAP://localhost:389/CN=Users,O=ADAM,C=US", strLoginName,
oldpassword.Text.ToString(), AuthenticationTypes.None);try{
entry.Invoke(
entry.CommitChanges();
output.Text +=
}
{
output.Text +=
output.Text += ex.Message;
}
output.Text +=
}
{
output.Text += "SetPassword", newobject[] { newpassword.Text.ToString() });"<BR>
<b>Password is changed</b>";catch(Exceptionex)"<b> Password couldn't be changed
due to restrictions<b>";"<BR> <b>Password is
changed</b>";catch(Exceptionerror)"User Password change  Error:\n"+
error.StackTrace.ToString() + "\n"+ error.Message.ToString();//output.Text +=
"<BR>" + error.Message.ToString();}
****** Code Ends

I am using LDAPmembership provide. I followed these article for installing and
configuring ADAM
https://blogs.pointbridge.com/Blogs/morse_matt/Pages/Post.aspx?_ID=2
Let me know if you need more information