Solved

How can remote users change their Domain login passwords.

Posted on 2014-10-23
4
423 Views
Last Modified: 2014-10-24
I know there have been several topics regarding remote users on domain computers/laptops and how they can change their login passwords without coming into the main office.
It does seem to be a particularly awkward issue.

We have an SBS 2011 server and users on Windows 7 laptops & PCs.

Users on the network are easy to manage regarding passwords. For now I have just asked them all to Ctrl+Alt+Delete and change password, but I would like to enforce a 90 day password life for ALL users.

It is the remote users that are the problem and the difficulty in updating the password cache on the local machine (they all login to their computers using Domain credentials and are all local administrators of their computers) Many of the topics I have read through concern loging in across vpn. We do not use vpn.

Our remote users come into the office 2 - 3 times a year.

Remote users use Outlook client (over HTTP) or OWA.
They also use SharePoint (with SharePoint using the Domain credentials they use to logon to their computers, using IE's security setting: Automatic login with current user name and password).

As one of a list of security measures I would like to, at least, get the users to change their email password regularly - which I know they can do from within OWA. My questions are:

what knock on effects that OWA password change will bring?

I know they will have one password for their computer login and a different one for OWA login due to the local cache.

How will this OWA password change affect their SharePoint login?

Will it still use their domain user computer login?
When the users eventually come into the office what procedure should they go through to change their login password?
Is it a simple Ctrl+Alt+Delete and change password?

Or, will the password change they have put in place previously using OWA affect how they login the first time they join the main office LAN network?

Also, for those users who are using the Outlook client over HTTP,

would using OWA and changing their password affect the password they have to use when the Outlook client login box appears?

Thanks for your time
0
Comment
Question by:NELMO
  • 2
  • 2
4 Comments
 
LVL 33

Expert Comment

by:it_saige
ID: 40400149
Anything that uses domain credentials (except logging on locally to the workstation) will be affected by the OWA password change.  This means that Sharepoint and Outlook will require the new password.  Once the user comes back into the office and connects their computer to the domain network, their local cached credentials will update automatically, after they login.  To login they would need to provide their new credentials.

Note:  You may run into domain trust issues, which usually just requires a reset of the Computer account on the domain.

-saige-
0
 

Author Comment

by:NELMO
ID: 40401896
Thanks it saige

Please bear with me to see if I fully understand.

So a remote user logs onto their domain laptop at home with their normal password - lets call it pass1.
They then change their password in OWA from pass1 to  pass2.
The next day they still logon to the laptop with pass1.
They now, when opening OWA login with pass2.

From what you are saying the OWA changed password - pass2 - becomes their domain password as far as the server here at head office is concerned (even though their remote laptop login remains the same - pass1).

Will the SharePoint login password now change to the new password - pass2 ? As this also resides on the Head Office Domain Network.
If so, when the user opens the SharePoint site in their web browser, will they be presented with a login box waiting for the new credentials?
0
 
LVL 33

Accepted Solution

by:
it_saige earned 500 total points
ID: 40402058
All domain authenticated services (including Sharepoint) will use pass2 after the user changes it in OWA.  So the user will receive a login box waiting for the new credentials.

-saige-
0
 

Author Closing Comment

by:NELMO
ID: 40402085
Thanks it saige

I will get the remote users to use the OWA method to change their passwords (some are still using the default password that was used to set up their accounts!!). Outlook and SharePoint are the only applications they use - no VPN or RWW.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I've often see, or have been asked, the question about the difference between the Exchange 2010 SP1 version, available as part of Small Business Server (SBS) 2011, and the “normal” Exchange 2010 SP1 Standard. The answer to the question is relativ…
Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.
A company’s greatest vulnerability is their email. CEO fraud, ransomware and spear phishing attacks are the no1 threat to a company’s security. Cybercrime is responsible for the largest loss of money to companies today with losses projected to r…

947 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now