Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

VPN Users not being prompted for password change

Status
Not open for further replies.
DotNetNewbie

DotNetNewbie

Programmer
Mar 3, 2004
344
GB
Hi,

I am hoping someone can help me?

We have recently introduced a new password policy which requires users to change their passwords on a regular basis. However I have noticed that remote field based staff who never visit the office are not receiving the 14 day warning when their passwords start to expire.

Is there any way to force this message to appear or is this simply a quirk?

Many thanks in advance.

.net
 
Sort by date Sort by votes
Their machines attempt to login to the domain before their VPN is connected, with the Windows login. Though the VPN might authenticate to their AD account, it won't go through the same routine as far as checking for expired passwords, etc. Your best/easiest bet is to have them login through Exchange's OWA, which should allow them to change their password.

Just for the record I think having the VPN authenticate against their AD accounts is not a good idea. If someone learns their AD username and password, they can get into your network, and connect to any resources available to that user. If the username/password is different once they get in the VPN, they really can't do much else.
 
Upvote 0 Downvote
Getting people to remember a single password is hard enough. You want them to remember two passwords?

Now if you have a VPN token like an RSA token that's another conversation.

We use software from called the Password Expiration Notifier to email our users when there password is getting close to expiration. It'll send users three emails (you can configure when the emails go out) so that they know to change there password.

Denny
MVP
MCSA (2003) / MCDBA (SQL 2000)
MCTS (SQL 2005 / SQL 2005 BI / SQL 2008 DBA / SQL 2008 DBD / SQL 2008 BI / MWSS 3.0: Configuration / MOSS 2007: Configuration)
MCITP (SQL 2005 DBA / SQL 2008 DBA / SQL 2005 DBD / SQL 2008 DBD / SQL 2005 BI / SQL 2008 BI)

My Blog
 
Upvote 0 Downvote
Show me a person in my whole office that only has one password to remember and I'll show you the person with the mop, who probably still has more than one password.
 
Upvote 0 Downvote
Agreed, everyone has lots of passwords. But having users have two passwords for work to forget can end up giving your help desk staff twice as many accounts to reset.

Lots of users can't remember there passwords, and they end up writing them down somewhere (I'm talking regular users, not IT staff). This being the case, most passwords would be written down next to each other anyway.

Denny
MVP
MCSA (2003) / MCDBA (SQL 2000)
MCTS (SQL 2005 / SQL 2005 BI / SQL 2008 DBA / SQL 2008 DBD / SQL 2008 BI / MWSS 3.0: Configuration / MOSS 2007: Configuration)
MCITP (SQL 2005 DBA / SQL 2008 DBA / SQL 2005 DBD / SQL 2008 DBD / SQL 2005 BI / SQL 2008 BI)

My Blog
 
Upvote 0 Downvote
Hi,

Thanks for taking the time to reply, very much appreciated.

I am hoping to introduce RSA style tags in the future, but my immediate issue is passwords expiring without the users being notified.

I like the email of being able to send them an email, so thanks for that.

Users generally have a few passwords to remember, which generally results in them changing the passwords so they are all the same or similar!. It is and always has been a hot topic.

Again, thanks for taking the time to respond.

.net
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Abdullah Al Maruf
  • Locked
  • Question
Telnet help for
Replies
2
Views
223
gbaughma
gbaughma
microsGuy16
  • Locked
  • Question
Can not copy files to Mapped drive
Replies
0
Views
220
microsGuy16
microsGuy16
dpellegrini
  • Locked
  • Question
Website will load using hostname but not IP address
Replies
3
Views
424
mangentle
mangentle
mangentle
  • Locked
  • Question
What are the key advantages of using Microsoft Windows Servers for businesses?
Replies
1
Views
373
gbaughma
gbaughma
nukeinfer
  • Locked
  • Question
Internet restrictions for isolated PCs in the Network
Replies
1
Views
197
mangentle
mangentle

Part and Inventory Search

Sponsor

Back
Top