Link to home
Start Free TrialLog in
Avatar of larry73
larry73

asked on

Password resets for remote users

Our domain password policy enforces a change every 90 days.  Our password policy also states that we (IT) shouldn't even know the user's passwords -- we're a health care facility, so it's a HIPAA thing.

It's not a problem for most users, but we have a couple of users who are telecommuters -- they connect to the VPN and work via RDP.  When their password expires, they can't connect to the VPN anymore and therefore can't log to change it.  And from the experiments that I've done, connecting to a machine via RDP wouldn't work to change your password anyway, you have to be logging in locally to a domain machine.  We even tried using Webex and letting them take control to type a new password into the ADUC console, but Webex is apparently too secure for that because it won't allow them to type in the password fields -- they can type anywhere else, just not in those fields.

There must be a way to support this, as there are a lot of remote employees in the workforce today.  Any ideas on how we can do this and stay within our policy?
Avatar of dipopo
dipopo
Flag of United Kingdom of Great Britain and Northern Ireland image

What type of device is the VPN?
Avatar of larry73
larry73

ASKER

It's a Cisco ASA 5510.
ASKER CERTIFIED SOLUTION
Avatar of Nick Rhode
Nick Rhode
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of larry73

ASKER

Ah, I broke the cardinal rule -- always look first.  And here I thought our problems were unique.  ;)

Thanks!
Larry