Solved

Policies on Remote Laptops

Posted on 2009-05-06
5
275 Views
Last Modified: 2013-11-17
We are adding MDCs to our Deputy cars and I want to know some good policies.  Would it be better to add the users as local users or cached domain users?  We are using cell cards and then connecting to our network through VPN.  They will be using OWA and my worry is how passwords are going to work since we set a default GPO for passwords on both Domain & Local Policies.  Most of the MDC's will probably not log into our network very often so their domain password for OWA may expire without them knowing any good ideas on best practices? Is their a way to sink their local and domain user passwords to expire at the same time?
0
Comment
Question by:ocontoco
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 78

Expert Comment

by:arnold
ID: 24332746
A single location to manage the user is best.
You may wish to follow the same mechanism discussed in http://www.experts-exchange.com/Software/Server_Software/File_Servers/Active_Directory/Q_24383606.html?cid=544
0
 

Author Comment

by:ocontoco
ID: 24358716
I'm using a Cisco VPN Client.  I have created a Virtual Private Network and used the Dial-Up connect options but we use groups and there is no where to put the group when creating the network connection.  I have been able to change the passwords while using VPN but if I force a password change in AD it does flow through.  Also if I change the users password in AD it doesnt flow through untill I'm plugged into my network directly.  Any suggestion on what I need to be doing differently?
0
 
LVL 78

Expert Comment

by:arnold
ID: 24359680
The password change can only occur from the client side because when they are outside the LAN, they are working with Cached credentials.
You could set a local policy to expire passwords in the same frequency as you have on the AD, but as noted in the other similar EE post, the user must login into the laptop with the VPN option to push the password change to the AD.
0
 

Author Comment

by:ocontoco
ID: 24364061
How do you setup your VPN Client to do this? I seem to have problems getting this to work.  
0
 
LVL 78

Accepted Solution

by:
arnold earned 125 total points
ID: 24366322
At the time of login, you have to use the dial-using VPN.  The other EE article discusses it.  Which Version of the cisco VPN client are you using?
http://www.cisco.com/en/US/products/sw/secursw/ps2308/products_tech_note09186a00807955bc.shtml
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
domian network access 5 42
HP Stream laptop logging in issue 15 63
port forwarding 2 64
types of VPN 2 47
I am not new to IT, I have been working in the field since 1985.  But recently I came up against something that stumped even me (it doesn't happen as often as I would like).  I was running a screencasting session from the laptop to my TV via ChromeC…
When you start your Windows 10 PC and got an "Operating system not found" error or just saw  "Auto repair for startup" or a blinking cursor with black screen. A loop for Auto repair will start but fix nothing.  You will be panic as there are no back…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Suggested Courses

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question