[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1852
  • Last Modified:

Windows Server Essentials 2012 R2 password policies

Preparing to migrate from SBS 2003 to WSS 2012 R2. This site is already on Office 365 so we will be integrating that. From http://technet.microsoft.com/en-us/library/jj713507.aspx#BKMK_Access3 

"Passwords cannot contain the user name or email address.
If you integrate with Office 365, the integration enforces the Strong password policy, and updates the policy to include the following requirements:
◦ Passwords must contain 8–16 characters.
◦ Passwords cannot contain a space or the Office 365 email name."

The existing users login accounts and Office 365 accounts do not conform to the strong policy, just the minimum 8 characters and do not contain the email name. So, will the users be required to change their password when they log into the new server, after the migration? I would assume then that their Office 365 password will also have to change. It's unclear whether I can change that policy. I just need to know if users should change their passwords on the server and Office 365 before the migration.
0
dpacheco
Asked:
dpacheco
  • 3
  • 2
1 Solution
 
Mohammed KhawajaCommented:
It is always wise to change passwords prior to the migration.  However, if you move a user who didn't change password, upon first logon to the new DC, he/she will be forced to change password.
0
 
dpachecoAuthor Commented:
Thanks. Since they are integrating with Office 365 will a password change upon login to the new server also change the Office 365 password?
0
 
Mohammed KhawajaCommented:
Yes and No (it depends).  If you are using dirsync to synchronize passwords with the cloud then once the job is run, it will synchronize in a few minutes once it detects a password change.  Refer to link below for more information:

http://technet.microsoft.com/en-us/library/dn246918.aspx

If you are using SSO then all authentication is performed against the on-premise DCs.  Below is a link explaining this:

http://technet.microsoft.com/en-us/library/hh852486.aspx

In most implementations I have seen dirsync being used.
0
 
dpachecoAuthor Commented:
I'm not sure what Essentials uses, I would assume dirsync but if they change their logon account to the server it automatically changes their Office 365 password so I guess that answers it.
Thanks.

"When you use the Dashboard to assign a Microsoft Online Services account to a user account, the user account password is automatically synchronized with the user’s online account. This means that a user only needs a single password to access both the resources on the server and in Office 365. Furthermore, you can use the same name for the user account and the user’s online ID.

Password synchronization occurs immediately and automatically when a user changes the password for their user account from a domain-joined computer or by using Remote Web Access

If Office 365 is integrated with Windows Server Essentials, users should not change the password for their Microsoft online account from the Office 365 portal. Doing so will break the password synchronization. "
0
 
Mohammed KhawajaCommented:
Thanks for the points.
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now