?
Solved

Smart Device Password change when updating Windows password

Posted on 2014-04-18
12
Medium Priority
?
389 Views
Last Modified: 2014-04-18
We are a running Acrive sync with Windows 2008 R2 and Exchange 2010. We are implementing a group policy where users will need to update their passwords every 90 days. The users also carry one or more smart devices.

Does changing the password in Windows Server 2008 R2 have an effect on how folks continue to download their email on their personal devices (iPhone, iPad, Droid devices, etc.) . We were under the impression that a user would need to update their personal device every time their Windows password changes, but when we updated the Windows password and WITHOUT touching the personal devices, email continued to flow to the smart phones. Should we be worried or is this how it's designed to work?

Thank you
0
Comment
Question by:htamraz1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
  • 2
  • +1
12 Comments
 
LVL 25

Assisted Solution

by:Mohammed Khawaja
Mohammed Khawaja earned 400 total points
ID: 40008564
it all depends.  Blackberry BES does not require user to change passwords and this maybe true for some other MDM devices.  ALSO NOTE THAT CHANGING PASSWORD MAY TAKE FEW MINUTES DEPENDING ON YOUR AD infrastructure.  if you are using phones/tablets connecting to Exchange without using MDM solution should prompt for password when polling for email.   this could become an issue and you should educate your users on how to change password on multiple devices.
0
 

Author Comment

by:htamraz1
ID: 40008600
Thank you
What is MDM?
0
 
LVL 25

Expert Comment

by:Tony Giangreco
ID: 40008618
If you change a user's password and they have an exchange account on that server or domain, then they need to update the password on their phones for email.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 25

Expert Comment

by:Mohammed Khawaja
ID: 40008695
MDM is Mobile Device Management software such as AirWatch, SAP Afaria or one from Citrix which allows centralized administration and policy management (ie users cannot install apps, apps deployment, etc)
0
 

Author Comment

by:htamraz1
ID: 40009016
TG-TIS
Is their an explanation for email continues to deliver to personal device despite changing the password in Windows, but not on the device?
0
 
LVL 25

Expert Comment

by:Tony Giangreco
ID: 40009047
Yes, they could have their business ail being forwarded to their personal email acct which is also on their phone.
0
 
LVL 63

Assisted Solution

by:Simon Butler (Sembee)
Simon Butler (Sembee) earned 1600 total points
ID: 40009199
How long did you wait before coming to the conclusion that the password change wasn't required on the mobile device?
It is certainly true that the change isn't effective immediately. That is because ActiveSync works on a session basis and it is only when that session ends (which can be days) and then attempts to re-authenticate that the new password would be required. If you want instant requirement for the change then run IISRESET which ends all sessions and makes the clients reconnect.

Simon.
0
 

Author Comment

by:htamraz1
ID: 40009305
TG-TIS, forwarding is not the case.

Simon - your argument makes sense. Is this documented somewhere online?
0
 
LVL 25

Expert Comment

by:Tony Giangreco
ID: 40009384
From my experience, when you upgrade a password in Active Directory, that security change is immediate. there shouldn't be any waiting period unless your active directory is in terrible shape.
0
 

Author Comment

by:htamraz1
ID: 40009426
TG-TIS
That may be true, but did you see the comment by Simon in regard to activesync session issues and having to possibly run IISRESET. The change took effect immediately with our on-premise equipment. My question is specifically about why our mobile devices did not see the change right away.
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 1600 total points
ID: 40009772
I knew I had seen it officially.
http://support.microsoft.com/kb/2612821

Simon.
0
 

Author Closing Comment

by:htamraz1
ID: 40009807
Thank you. The last response with the support article really cleared this up.
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Learn how to use the free Acronis True Image app to easily transfer data between iPhones and Android phones.
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
Suggested Courses

800 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question