Is there a way to keep iPhone,iPad and Driod password in sync

I have ActiveSync infrastructure in place in my current environment.
With our AD password policy set for users to change their password every 60 days this presents a minor issue for users using iPhone's, iPad's or Driod's connecting via EAS since they then need to manually change it.
We give the users a tutorial and the heads up that they will need to change the EAS password when they change it for their computer, but it goes in one ear and out the other.  So we get the calls saying "My email is not working" or "My email is not showing up on my phone".

So is there a way to use my CA to issue certs for these devices and use it for authentication?

LVL 25
yo_beeDirector of ITAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
Deepu ChowdaryConnect With a Mentor Commented:
The issue is not about CA, its about logging in using our personal passwords..

Hmm AFAIK there is no CA for password issues.

You have to disable these 60 days option.
0
 
yo_beeDirector of ITAuthor Commented:
I guess then the helpdesk deals with this.
Thanks for you input and I felt that was going to be the answer.
0
 
ReubenwelshConnect With a Mentor Commented:
I have troubleshooted this problem in the past, it is just as Exchange9 says, there is no solution for this currently.
Really you have the same issue with everything that saves your password, it just isnt safe (and there isnt really any point) for your password to be replicated out to the phone.

The only option i can imagine for the future is if you in the future connect your phones to the domain and have passthrough authentication. Sadly with this option you would need to enforce stong passwords on phones instead of 4digit pins... maybe in the future with retina scanners or somthing like that though.
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
yo_beeDirector of ITAuthor Commented:
I've requested that this question be deleted for the following reason:

No answer to the question other than It can not be done.
0
 
ReubenwelshCommented:
The question is if it can be done, which has been answered multiple times. Not how to do it.
0
 
yo_beeDirector of ITAuthor Commented:
I've requested that this question be deleted for the following reason:

No solution
0
 
yo_beeDirector of ITAuthor Commented:
I still find it hard to believe that Certificate authenication cannot be used for EAS.
0
All Courses

From novice to tech pro — start learning today.