enforce password policy for mobile users

Posted on 2009-02-24
Medium Priority
Last Modified: 2012-05-06
I am about to enforce a password policy where users have to change their password every 90 days.  in the past when users changed their password... it would work fine on the local area network but on their mobile laptops it would keep their old password.  i understand the machine is caching the credentials but i thought when they logged on again through the vpn that windows would prompt them for their new password or something.  it doesn't.  what can i do to make sure the mobile laptops out in the field match up with their passwords in active directory.
thanks a bunch
Question by:jamesmetcalf74
  • 3
  • 2
LVL 35

Expert Comment

by:Joseph Daly
ID: 23721462
I have run into this myself and from what I have found is the only effective way is to have the laptop connect to the VPN before the user logs on.
LVL 11

Expert Comment

ID: 23721778
So they are connecting to VPN before login?  Ensure they are connected to VPN while changing their passwords on the domain.  If you can do pre-login VPN, then that would synch the passwords and allow GP to take effect normally.

Author Comment

ID: 23722383
i didnt know you could do a vpn connection before users login.  we are using pptp with a verizon connection manager suite.  also.  i dont think our local dns servers are used on the laptops.  they only need access to one resource on our network and that is resolved by host file.  this is getting more complicated than i thought.  can i get guidance on setting up vpn before users login?

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

LVL 11

Accepted Solution

jfields71 earned 500 total points
ID: 23722457
LVL 35

Assisted Solution

by:Joseph Daly
Joseph Daly earned 500 total points
ID: 23722459
This EE topic has help on VPN conenctions. Looks like a decent discussion cant really say if it will help though.

LVL 35

Expert Comment

by:Joseph Daly
ID: 23805501
Just for the sake of futurer searchers/question askers what did you end up going with if anything?

Featured Post

Easily manage email signatures in Office 365

Managing email signatures in Office 365 can be a challenging task if you don't have the right tool. CodeTwo Email Signatures for Office 365 will help you implement a unified email signature look, no matter what email client is used by users. Test it for free!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

What monsters are hiding in your child's room? In this article I will share with you a tech horror story that could happen to anyone, along with some tips on how you can prevent it from happening to you.
It’s time for spooky stories and consuming way too much sugar, including the many treats we’ve whipped for you in the world of tech. Check it out!
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

601 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question