Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Sync issue with VPN when users change password locally. Safe Boot is also used on laptops.

Posted on 2009-05-05
1
Medium Priority
?
816 Views
Last Modified: 2012-06-21
I am working with a customer who has field agents with laptops. The field agent is offline about 95% of the time. They connect to the VPN maybe twice a month, which then gets them on the corporate network.  The customer wants to implement a 60 day password change policy.  The issue is that the agents will already have booted their laptops up and made a password change which is cached locally.  They may run like this for 2 weeks. When they try to connect to the VPN (which uses the same AD password for login), they will not be able to connect because they are attempting to use their new password.  The VPN is expecting the old password because AD server has not been updated yet.  How can we manage password changes and sync issues for these field agents who are offline most of the time but are still required to change their password every 60 days?
0
Comment
Question by:opie51
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 77

Accepted Solution

by:
Rob Williams earned 1500 total points
ID: 24316555
Are you using the Windows VPN client by any chance? If so, and the machines are members of the domain, at logon there is a check box option to allow the user to use a dial up connection. Selecting this will then allow the user to connect to the VPN, which completes and allows the user to have a proper network connected session, rather than one using cached credentials. If the user then changes their password during this session it is changed in AD and on the local machine.

It is a common problem, and this is one option.
0

Featured Post

The Ideal Solution for Multi-Display Applications

Check out ATEN’s VS1912 12-Port DP Video Wall Media Player at InfoComm 2017. Kerri describes how easy it is to design creative video walls in asymmetric layouts and schedule detailed playlists ahead of time with its advanced scheduling feature.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question