Solved

How can remote users change their Domain login passwords.

Posted on 2014-10-23
4
426 Views
Last Modified: 2014-10-24
I know there have been several topics regarding remote users on domain computers/laptops and how they can change their login passwords without coming into the main office.
It does seem to be a particularly awkward issue.

We have an SBS 2011 server and users on Windows 7 laptops & PCs.

Users on the network are easy to manage regarding passwords. For now I have just asked them all to Ctrl+Alt+Delete and change password, but I would like to enforce a 90 day password life for ALL users.

It is the remote users that are the problem and the difficulty in updating the password cache on the local machine (they all login to their computers using Domain credentials and are all local administrators of their computers) Many of the topics I have read through concern loging in across vpn. We do not use vpn.

Our remote users come into the office 2 - 3 times a year.

Remote users use Outlook client (over HTTP) or OWA.
They also use SharePoint (with SharePoint using the Domain credentials they use to logon to their computers, using IE's security setting: Automatic login with current user name and password).

As one of a list of security measures I would like to, at least, get the users to change their email password regularly - which I know they can do from within OWA. My questions are:

what knock on effects that OWA password change will bring?

I know they will have one password for their computer login and a different one for OWA login due to the local cache.

How will this OWA password change affect their SharePoint login?

Will it still use their domain user computer login?
When the users eventually come into the office what procedure should they go through to change their login password?
Is it a simple Ctrl+Alt+Delete and change password?

Or, will the password change they have put in place previously using OWA affect how they login the first time they join the main office LAN network?

Also, for those users who are using the Outlook client over HTTP,

would using OWA and changing their password affect the password they have to use when the Outlook client login box appears?

Thanks for your time
0
Comment
Question by:NELMO
  • 2
  • 2
4 Comments
 
LVL 33

Expert Comment

by:it_saige
ID: 40400149
Anything that uses domain credentials (except logging on locally to the workstation) will be affected by the OWA password change.  This means that Sharepoint and Outlook will require the new password.  Once the user comes back into the office and connects their computer to the domain network, their local cached credentials will update automatically, after they login.  To login they would need to provide their new credentials.

Note:  You may run into domain trust issues, which usually just requires a reset of the Computer account on the domain.

-saige-
0
 

Author Comment

by:NELMO
ID: 40401896
Thanks it saige

Please bear with me to see if I fully understand.

So a remote user logs onto their domain laptop at home with their normal password - lets call it pass1.
They then change their password in OWA from pass1 to  pass2.
The next day they still logon to the laptop with pass1.
They now, when opening OWA login with pass2.

From what you are saying the OWA changed password - pass2 - becomes their domain password as far as the server here at head office is concerned (even though their remote laptop login remains the same - pass1).

Will the SharePoint login password now change to the new password - pass2 ? As this also resides on the Head Office Domain Network.
If so, when the user opens the SharePoint site in their web browser, will they be presented with a login box waiting for the new credentials?
0
 
LVL 33

Accepted Solution

by:
it_saige earned 500 total points
ID: 40402058
All domain authenticated services (including Sharepoint) will use pass2 after the user changes it in OWA.  So the user will receive a login box waiting for the new credentials.

-saige-
0
 

Author Closing Comment

by:NELMO
ID: 40402085
Thanks it saige

I will get the remote users to use the OWA method to change their passwords (some are still using the default password that was used to set up their accounts!!). Outlook and SharePoint are the only applications they use - no VPN or RWW.
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article is in response to a question (http://www.experts-exchange.com/Networking/Network_Management/Network_Analysis/Q_28230497.html) here at Experts Exchange. The Original Poster (OP) requires a utility that will accept a list of IP addresses …
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
This Micro Tutorial will give you a basic overview how to record your screen with Microsoft Expression Encoder. This program is still free and open for the public to download. This will be demonstrated using Microsoft Expression Encoder 4.
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question