Solved

How to prompt users to change password remotely when expired?

Posted on 2008-10-11
4
1,126 Views
Last Modified: 2009-12-16
My remote users are using Cisco VPN client to connect to the corporate network. We have a Microsoft GPO to force change Windows password (AD) every 90 days.

When the password is expired remote users can not use Outlook, access to network drives...

Is there anyway to let them know when the password is going to expire remotely? Or anyway they can change it remotely by themselves? At the moment they call us and we set a new password in AD.

Thanks,
Alejandro.
0
Comment
Question by:alexsaiz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 27

Accepted Solution

by:
Jason Watkins earned 500 total points
ID: 22697739
0
 
LVL 16

Expert Comment

by:The_Kirschi
ID: 22702818
Hi,

do you know about the "Enable start before logon" option in VPN Client? I think that would solve this issue:

http://www.cisco.com/en/US/products/sw/secursw/ps2308/products_user_guide_chapter09186a008015ce82.html#1301567

Daniel
0
 
LVL 7

Expert Comment

by:Mikealcl
ID: 22702861
IIRC there is no way to get a "prompt".  Its the same as if you leave an xp machine on the network and the users password expires.

Normally we told our remote users they had to disconnect/reconnect when this happens.  Then the cisco vpn client will prompt for a password change.  After the password change they then have to lock out/unlock there computer to update the local password hash, else there workstation will continue to use an incorrect one.

Vista has a feature that pops up and tells you when your password is going to expire ahead of time, from the systray.  I haven't had the chance to see if that is functional over VPN but that might be a good valid solution if your willing to use vista.


0
 

Expert Comment

by:wooden1
ID: 22779863
I hate suggesting using a 3rd party tool but there is a great tool "Password Reminder Pro" from www.sysopstools.com 
It sends out reminders (you can customize what the reminder says) via email (15 days, 7 days 1 day) before a password expires l - pretty cheap cost - something like $300 per 100 users.  I have many clients who ask for something like this and it helps the service desk a lot!  
And no I don't work for them just found this product when having the same type of issue.
0

Featured Post

Instantly Create Instructional Tutorials

Contextual Guidance at the moment of need helps your employees adopt to new software or processes instantly. Boost knowledge retention and employee engagement step-by-step with one easy solution.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In-place Upgrading Dirsync to Azure AD Connect
This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question