Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Password Reset Site

Status
Not open for further replies.

jessehc

IS-IT--Management
Jun 22, 2005
10
US
I am looking for a solution that allows end users to reset password and/or unlock their own domain account. I found several apps out there that can be used for this purpose.

Does Microsoft offer a self service password reset site users that I can install for this?

I am most concerned with VPN users that can't even authenticate into our network if their account is locked or the password has expired. Does anyone have any experience implementing a secure password reset site that is available from the internet to get around these issues.

Thanks
 
You can configure the lockout time to be just a few minutes so the users don't have to wait too long and there will be no need to unlock the account.

For the password reset, how do you plan to prevent people from changing everyone elses password if they have nto already authenticated?

I suggest that you alter your focus. This is a training issue and not a technology issue. Force your users to accept responsibility for not changing their password when instructed.

For standardization, force all users to change passwords on a set date, then send out a reminder notice instructing them to change the password ahead of time. Send a daily reminder until the lockout date.

I hope you find this post helpful.

Regards,

Mark
 
Thanks Markdmac for your input.

I don't think I provided enough info in my post about the solutions I am considering. I have a large number of users that are located at customer sites so they are only able to use OWA to read email. Many of these users miss the message in OWA to change their password until it is too late so we get the call for the password reset. I found a few applications that provide a mechanism for a user to access a site and answer several questions then the application will allow them to reset their password.

For an internal network, I don't see any problem with this but I wasn't sure if this is a good idea to publish on the outside of our network. I am trying to eliminate phone calls for password resets by allowing users to fix the problems themselves.
 
Have you setup OWA to allow password resets?

I hope you find this post helpful.

Regards,

Mark
 
Yes I do have OWA configured to allow password resets. This works as long as the user sees the message that their password is going to expire. If they miss and their password expires they have to call in for the reset so they can login.
 
Have a look at
Basically a script that works out password expiry date and e-mails users to tell them to change it.

We use it each day from 14 days before expiry for remote sales people using VPN, and for OWA users who log onto machines with a generic account then go into OWA from there.

Works pretty well.

Neill
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top