Remote user forget her password.
We have bunch of remote users working from home and occasionally came on office network. Yesterday one of our user running windows XP forgot her login password, helpdesk reset her password as they did for office users but now she is not able to login with her new password as she is not on corporate network and can't connect to domain controller without connecting VPN and VPN could not connect untill she login. She also forgotten her old password.
I have local admin access of her computer but dont know how i can use it to resolve this problem. I dont like to ask her to bring her computer to office.
Is there any way to come out from this weired situation.
I have local admin access of her computer but dont know how i can use it to resolve this problem. I dont like to ask her to bring her computer to office.
Is there any way to come out from this weired situation.
motnahp00
If she knew her old password, she could have logged in with cached credentials and attempted to VPN with her new password. In this situation, not knowing the old one will unfortunately require a trip to the office.
ASKER
is there a way i can login with local administrator account, access her cached credential and got to know her old password OR reset it ?
You can try this:
Log in with the local administrator. Fire up the VPN client. Run a switch user and viola.
But that's a decision, you will have to make - whether or not you are willing to provide the local administrator account and password.
Log in with the local administrator. Fire up the VPN client. Run a switch user and viola.
But that's a decision, you will have to make - whether or not you are willing to provide the local administrator account and password.
ASKER
Switching user is available in windows7 only, is it available in windows XP too ?
Can you log in as the local admin, create the VPN and open cmd via the runas?
runas /user:mydomain\myusername cmd
It should re-authenticate and re-cache?
runas /user:mydomain\myusername cmd
It should re-authenticate and re-cache?
You are correct about the fast-user switching for Windows XP:
"Fast User Switching is enabled by default in Windows XP Home Edition and Professional on computers with more than 64 megabytes (MB) of RAM. However, Fast User Switching is not available on Windows XP Professional-based computers that are part of a domain network."
Does the VPN client stay up if you log off?
"Fast User Switching is enabled by default in Windows XP Home Edition and Professional on computers with more than 64 megabytes (MB) of RAM. However, Fast User Switching is not available on Windows XP Professional-based computers that are part of a domain network."
Does the VPN client stay up if you log off?
ASKER
No, Its not.
Try scorpeo's suggestion. I'm not sure if running a command in the context of the user will cache the logon info but it is worth a try.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Running a command with the user's credentials will not cache or update the login info; that is not how it works. Also you cannot 'retrieve' password information from the cache because it does not store the password but rather a hash of the password, which is pretty much useless to your purpose.
I would suggest the following:
1. Have her log into her computer using the OLD password
2. Connect to VPN using the NEW password
3. IMMEDIATELY attempt a password change via her computer (i.e. Ctrl-Alt-Del & 'Change Password', etc.) - this will sync the local cache with the domain
This will only work if your domain policy is set to allow her to change her password again so soon, however. Also it's important that she not have anything open that would attempt to send cached credentials (network drive, Outlook, intranet page, etc.) or you may end up with a locked account.
HTH
PS: KCTS has a good point; sometimes users need reminders of why they should follow the process.
I would suggest the following:
1. Have her log into her computer using the OLD password
2. Connect to VPN using the NEW password
3. IMMEDIATELY attempt a password change via her computer (i.e. Ctrl-Alt-Del & 'Change Password', etc.) - this will sync the local cache with the domain
This will only work if your domain policy is set to allow her to change her password again so soon, however. Also it's important that she not have anything open that would attempt to send cached credentials (network drive, Outlook, intranet page, etc.) or you may end up with a locked account.
HTH
PS: KCTS has a good point; sometimes users need reminders of why they should follow the process.
If her router is capable of dialing a VPN connection it maybe worth setting that up for a short period of time. This would create the VPN before needing to loggon. She should then be able to login with her new password.
Get her to reset her local password to match the new domain password.
Good luck,
Steve
Good luck,
Steve
ASKER
thnx