Solved

Sync issue with VPN when users change password locally. Safe Boot is also used on laptops.

Posted on 2009-05-05
1
806 Views
Last Modified: 2012-06-21
I am working with a customer who has field agents with laptops. The field agent is offline about 95% of the time. They connect to the VPN maybe twice a month, which then gets them on the corporate network.  The customer wants to implement a 60 day password change policy.  The issue is that the agents will already have booted their laptops up and made a password change which is cached locally.  They may run like this for 2 weeks. When they try to connect to the VPN (which uses the same AD password for login), they will not be able to connect because they are attempting to use their new password.  The VPN is expecting the old password because AD server has not been updated yet.  How can we manage password changes and sync issues for these field agents who are offline most of the time but are still required to change their password every 60 days?
0
Comment
Question by:opie51
1 Comment
 
LVL 77

Accepted Solution

by:
Rob Williams earned 500 total points
ID: 24316555
Are you using the Windows VPN client by any chance? If so, and the machines are members of the domain, at logon there is a check box option to allow the user to use a dial up connection. Selecting this will then allow the user to connect to the VPN, which completes and allows the user to have a proper network connected session, rather than one using cached credentials. If the user then changes their password during this session it is changed in AD and on the local machine.

It is a common problem, and this is one option.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you use NetMotion Mobility on your PC and plan to upgrade to Windows 10, it may not work unless you take these steps.
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now