Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Change Password Order

Status
Not open for further replies.
MetraRider

MetraRider

IS-IT--Management
Mar 7, 2001
69
US
We've just implemented DirXML 1.1a in our environment (I know it's old but it came with our old Zenworks)... So that we can sync passwords with our domain, we are instructing users to press control-alt-del and change the password. The Windows policy is set weekly and some users are attached to non-domain servers connected via the login script. Our Novell password policy requires unique passwords of 5 characters or more.

A user attempted to use a previously used novell password. The change password box changed it on the non-novell resources first, then attempted on eDirectory and failed... Now the Windows resources have the new password and the eDir has the old. Because of this subsequent attempts to change the password this way fail because the old password doesnt match the Novell password anymore.

Can the change password function be set to check eDirectory first or is there another way we should be changing these passwords so they they sync with AD and with their currently attached resources.

Thanks in advance.
 
Sort by date Sort by votes
let's hope provo is in the house

afraid as i have found out this week i dont have a clue about idm
 
Upvote 0 Downvote
Well first off, make sure the password syn app is NOT running on a 2k3 box, it's not support and you will have issues. You can run the Password sync app on a 2k member server, and just push the DLL to the domain controllers if they are 2k3.

Change the order the password is synced? Tell your users if they make a change to their password, to only choose the NetWare resource and ignore the Windows resource. the Password Sync will take care of it.

Better ways to change the password with DirXML 1.1a? not really, 1.1a is a pain in the rump, pretty much pure XML code, and if you do not know it, your hosed. Getting NTS to support customizations is beeo@$%, which leaves you with an expencive consulting bill if you want this to do more for you than just simple directory sync and password sync. Also, keep in mind, having the NMAS client installed on the workstation will screw you up.

You want NMAS, NMAS rock. Universal Password rocks. IDM 2.01 is kewl, and 3.0 rocks. I kid you not, if you have issues with DirXML1.1a that comes with ZfD, you will pay through the nose to fix it if you can't do it your self. IDM2 & 3 have Web based policy a rules sets and is much easier to deal with and administer (and it's also what you can find training on). Only real diference between 2.x and 3.x is in 3, you get the IDM Designer, and a User App (eGuide on steroids). Lots of things you can do, well worth the upgrade costs.

Novell is currently working with partners nation wide to get the technical training in place so that smaller companies can get this product going if consulting resources are needed. Right now, to have Novell Consulting do it, your looking at 50 to 100k, they are trying to get the bill down to under 5k (10k if you include the hardware in the plan).

Sneak Peak, VMware images are the roxors

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
Brent Schmidt Certified nut case [hippy]
Senior Network Engineer
Keep IT Simple
 
Upvote 0 Downvote
Thanks for the tips! It's still a W2K domain and since we have a small network, I don't see a compelling reason to go to W2K3 right now. I do have the user and password sync working in that I havent been able to duplicate the problem I had before (wouldnt you know it happened on the boss' computer and change d the password to whoknowswhat.. but since then it's been fine.. and we're only going eDir to AD, not the other way around.

I'll look into IDM.... I just bought ZFD and ZFS last month... maybe it comes with a newer DirXML? Haven't checked yet.. I see it's on the companion CD, but dont know if I have the license to use it.. gotta call Provo..

Thanks again

Jim
 
Upvote 0 Downvote
No, you have to buy IDM. The DirXML that comes with ZfD is kinda like a starter pack. It does pretty much one thing, a simple sinc of eDir to AD (or AD to eDir). Nothing real complex. Just gives you a smell of the bacon .... now you have to go buy the whole pig if you like the taist.

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
Brent Schmidt Certified nut case [hippy]
Senior Network Engineer
Keep IT Simple
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

SpenceWaller
  • Locked
  • Question
Citrix CSG - Allow users to change password
Replies
0
Views
81
SpenceWaller
SpenceWaller
sodax
  • Locked
  • Question
SPOOLSV need to be killed in order to have printers and Session in windows 2003
Replies
0
Views
74
sodax
sodax
sodax
  • Locked
  • Question
Citrix Password Manager Problem
Replies
3
Views
84
sodax
sodax
putz3000
  • Locked
  • Question
XP - Pro PC's won't remember password to SAMBA share
Replies
0
Views
62
putz3000
putz3000
sodax
  • Locked
  • Question
Citrix Password Manager Problem. while connecting
Replies
0
Views
54
sodax
sodax

Part and Inventory Search

Sponsor

Back
Top