Solved

Sync issue with VPN when users change password locally. Safe Boot is also used on laptops.

Posted on 2009-05-05
1
805 Views
Last Modified: 2012-06-21
I am working with a customer who has field agents with laptops. The field agent is offline about 95% of the time. They connect to the VPN maybe twice a month, which then gets them on the corporate network.  The customer wants to implement a 60 day password change policy.  The issue is that the agents will already have booted their laptops up and made a password change which is cached locally.  They may run like this for 2 weeks. When they try to connect to the VPN (which uses the same AD password for login), they will not be able to connect because they are attempting to use their new password.  The VPN is expecting the old password because AD server has not been updated yet.  How can we manage password changes and sync issues for these field agents who are offline most of the time but are still required to change their password every 60 days?
0
Comment
Question by:opie51
1 Comment
 
LVL 77

Accepted Solution

by:
Rob Williams earned 500 total points
ID: 24316555
Are you using the Windows VPN client by any chance? If so, and the machines are members of the domain, at logon there is a check box option to allow the user to use a dial up connection. Selecting this will then allow the user to connect to the VPN, which completes and allows the user to have a proper network connected session, rather than one using cached credentials. If the user then changes their password during this session it is changed in AD and on the local machine.

It is a common problem, and this is one option.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Join & Write a Comment

Juniper VPN devices are a popular alternative to using Cisco products. Last year I needed to set up an international site-to-site VPN over the Internet, but the client had high security requirements -- FIPS 140. What and Why of FIPS 140 Federa…
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now