How can remote users change their Domain login passwords.

I know there have been several topics regarding remote users on domain computers/laptops and how they can change their login passwords without coming into the main office.
It does seem to be a particularly awkward issue.

We have an SBS 2011 server and users on Windows 7 laptops & PCs.

Users on the network are easy to manage regarding passwords. For now I have just asked them all to Ctrl+Alt+Delete and change password, but I would like to enforce a 90 day password life for ALL users.

It is the remote users that are the problem and the difficulty in updating the password cache on the local machine (they all login to their computers using Domain credentials and are all local administrators of their computers) Many of the topics I have read through concern loging in across vpn. We do not use vpn.

Our remote users come into the office 2 - 3 times a year.

Remote users use Outlook client (over HTTP) or OWA.
They also use SharePoint (with SharePoint using the Domain credentials they use to logon to their computers, using IE's security setting: Automatic login with current user name and password).

As one of a list of security measures I would like to, at least, get the users to change their email password regularly - which I know they can do from within OWA. My questions are:

what knock on effects that OWA password change will bring?

I know they will have one password for their computer login and a different one for OWA login due to the local cache.

How will this OWA password change affect their SharePoint login?

Will it still use their domain user computer login?
When the users eventually come into the office what procedure should they go through to change their login password?
Is it a simple Ctrl+Alt+Delete and change password?

Or, will the password change they have put in place previously using OWA affect how they login the first time they join the main office LAN network?

Also, for those users who are using the Outlook client over HTTP,

would using OWA and changing their password affect the password they have to use when the Outlook client login box appears?

Thanks for your time
NELMOAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

it_saigeDeveloperCommented:
Anything that uses domain credentials (except logging on locally to the workstation) will be affected by the OWA password change.  This means that Sharepoint and Outlook will require the new password.  Once the user comes back into the office and connects their computer to the domain network, their local cached credentials will update automatically, after they login.  To login they would need to provide their new credentials.

Note:  You may run into domain trust issues, which usually just requires a reset of the Computer account on the domain.

-saige-
0
NELMOAuthor Commented:
Thanks it saige

Please bear with me to see if I fully understand.

So a remote user logs onto their domain laptop at home with their normal password - lets call it pass1.
They then change their password in OWA from pass1 to  pass2.
The next day they still logon to the laptop with pass1.
They now, when opening OWA login with pass2.

From what you are saying the OWA changed password - pass2 - becomes their domain password as far as the server here at head office is concerned (even though their remote laptop login remains the same - pass1).

Will the SharePoint login password now change to the new password - pass2 ? As this also resides on the Head Office Domain Network.
If so, when the user opens the SharePoint site in their web browser, will they be presented with a login box waiting for the new credentials?
0
it_saigeDeveloperCommented:
All domain authenticated services (including Sharepoint) will use pass2 after the user changes it in OWA.  So the user will receive a login box waiting for the new credentials.

-saige-
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
NELMOAuthor Commented:
Thanks it saige

I will get the remote users to use the OWA method to change their passwords (some are still using the default password that was used to set up their accounts!!). Outlook and SharePoint are the only applications they use - no VPN or RWW.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Networking

From novice to tech pro — start learning today.