Solved

Active Directory password change and ActiveSync

Posted on 2013-01-09
3
1,213 Views
Last Modified: 2013-01-09
I've searched through the threads in EE and on the web but have not been satisfied with the answers I've found on this issue.

We have Exchange 2010 SP1 and have about 120 iPhones, iPads and various other ActiveSync devices connecting to our email services via CAS boxes.  Everything works great....until our group policy forces a password change in AD - happens every 90 days.

I know this question has been asked a million times but I have to ask again, is there a way to sync the new password to ActiveSync devices so the users do not have to manually change passwords on their iPhones, iPads, etc.?

This is causing two problems; 1) if the user forgets to change the password on the mobile device, he/she will eventually get locked out of AD due to bad password attempts, 2) some users - you know the ones, just call IT and gripe about their email not working anymore on their iPhone.

Any definite answer to this dilemma will be greatly appreciated.
0
Comment
Question by:Levi Gwyn
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 10

Accepted Solution

by:
bigbigpig earned 300 total points
ID: 38759033
I don't think there's a way to do that without 3rd party applications like Good For Enterprise.
0
 
LVL 43

Assisted Solution

by:Amit
Amit earned 200 total points
ID: 38759058
You know the answer is no, however i am not going to say not possible. I have implemented a different solution, we created a script which monitors the account lockouts, with expiry dates, if lockouts are coming from CAS, we update user to check and change password into their handheld devices.

Separately, we ran another script to unlock user accounts. You can also develop something similar.
0
 
LVL 4

Author Closing Comment

by:Levi Gwyn
ID: 38759513
Thanks for the replies.  I was pretty sure the answer was no but needed evidence to support this answer and EE is always a trusted source.
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Suggested Courses

631 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question