zingab
asked on
citrix presentation server 4.0 passwords
We have a citrix presentation server 4.0 - users are using pna agent and xen app agent to access their applications - Each time a create a user i need to set it so that their passwords never expire - i want to be able to promp the user to change the password after so many days, but i do not get the prompt, i just get a message that "specified password is no longer valid" and the user has no way of changing their password. Does anyone know step by step what i need to do to get password changes to work
ASKER
not sure if you answered my question
The simple answer is, if you create an account with "password never expire" - as you stated in your question, then it's working as intended, the user will ever get prompted to change their password. You have to uncheck this to allow domain/computer policies to take over and force the user to change the password.
To set the Domain Policy:
Use gpmc.msc (or dsa.msc for older domains)
In the Default Domain Policy at the root of AD
Security Settings > Account Policies > Password Policy
To set a local computer (note a domain policy will overwrite this in a AD environment if it's set):
Secpol.msc
Computer Settings > Security Settings > Account Policies > Password Policy.
If that doesn't cover it then I'll need some more clarity of what it is exactly you are trying to do.
To set the Domain Policy:
Use gpmc.msc (or dsa.msc for older domains)
In the Default Domain Policy at the root of AD
Security Settings > Account Policies > Password Policy
To set a local computer (note a domain policy will overwrite this in a AD environment if it's set):
Secpol.msc
Computer Settings > Security Settings > Account Policies > Password Policy.
If that doesn't cover it then I'll need some more clarity of what it is exactly you are trying to do.
ASKER
That does not cover it. When setting the password to expire in policy the users do not get prompted to change their passwords when logging into their pna agent. I need the pna agent to have the chbange passwords field to allow the users to change them.
ASKER
can someone answer this or not.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
ty
PNagent doesn't really give you a "password change" option. - your options are:
A) have the user change the password on their Desktops (Are the users not logging into the domain here? - PNagent is really designed for a workstation that logs into a domain)
B) Enable Password changes via Web Interface Site (not PNA)
1) Launch Access Manager Console on the Web Interface Server
2) Discover if it's not already done
3) MetaFrame Presentation Server > Suite Components > Configuration Tools > Web Interface > <your Web interface site>
Note if you only have your PNagent site here, you will need to right click Web Interface and Create Site and make a MetaFrame Presentation Server Site (web Interface)
4) in the Middle under Common Tasks, click Configure authentication methods
5) On this first screen select Allow user to change password: At Any Time
6) set up the rest of the authentication as you see fit for your environment - now users will be able to browse to your Web Interface site http://<servername> and there is a Padlock icon where they can change their password after they logon.