Solved

Active Directory password change and ActiveSync

Posted on 2013-01-09
3
1,212 Views
Last Modified: 2013-01-09
I've searched through the threads in EE and on the web but have not been satisfied with the answers I've found on this issue.

We have Exchange 2010 SP1 and have about 120 iPhones, iPads and various other ActiveSync devices connecting to our email services via CAS boxes.  Everything works great....until our group policy forces a password change in AD - happens every 90 days.

I know this question has been asked a million times but I have to ask again, is there a way to sync the new password to ActiveSync devices so the users do not have to manually change passwords on their iPhones, iPads, etc.?

This is causing two problems; 1) if the user forgets to change the password on the mobile device, he/she will eventually get locked out of AD due to bad password attempts, 2) some users - you know the ones, just call IT and gripe about their email not working anymore on their iPhone.

Any definite answer to this dilemma will be greatly appreciated.
0
Comment
Question by:Levi Gwyn
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 10

Accepted Solution

by:
bigbigpig earned 300 total points
ID: 38759033
I don't think there's a way to do that without 3rd party applications like Good For Enterprise.
0
 
LVL 43

Assisted Solution

by:Amit
Amit earned 200 total points
ID: 38759058
You know the answer is no, however i am not going to say not possible. I have implemented a different solution, we created a script which monitors the account lockouts, with expiry dates, if lockouts are coming from CAS, we update user to check and change password into their handheld devices.

Separately, we ran another script to unlock user accounts. You can also develop something similar.
0
 
LVL 4

Author Closing Comment

by:Levi Gwyn
ID: 38759513
Thanks for the replies.  I was pretty sure the answer was no but needed evidence to support this answer and EE is always a trusted source.
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
This article explains the steps required to use the default Photos screensaver to display branding/corporate images
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question