Password Expiration Alert

R

Ryan Hanisco

Is this thing on?? Ok, here goes...

I have two 2003 forests connected by a VPN tunnel with no trusts between
them. One runs an authentication domain for one of my clients and the
other is running Exchange, to which the users in the first domain connect
via RPCoHTTP. (Don't panic, this is only partially an exchange question.)

The issue is that when passwords expire on the domain hosting exchange, the
users in the other domain are never notified. They can get the warning in
OWA, but there is nothing coming through Outlook. The Exchange experts are
telling me that the way to do this is to create a two-way trust between the
domains, but this is not an option for political and security reasons.

I have an asp page that can verify that an account is about to expire and
allow users to change their password if I hand off the username as an input
parameter. I don't really like this though -- I have the usernames
identical between the domains, but there is no way to force this and I don't
like code that can break itself due to sloppy administration.

Are there other options that anyone can think of? I don't often get stumped
without a direction to go, but I am fast getting there.
 
J

Jerold Schulman

Is this thing on?? Ok, here goes...

I have two 2003 forests connected by a VPN tunnel with no trusts between
them. One runs an authentication domain for one of my clients and the
other is running Exchange, to which the users in the first domain connect
via RPCoHTTP. (Don't panic, this is only partially an exchange question.)

The issue is that when passwords expire on the domain hosting exchange, the
users in the other domain are never notified. They can get the warning in
OWA, but there is nothing coming through Outlook. The Exchange experts are
telling me that the way to do this is to create a two-way trust between the
domains, but this is not an option for political and security reasons.

I have an asp page that can verify that an account is about to expire and
allow users to change their password if I hand off the username as an input
parameter. I don't really like this though -- I have the usernames
identical between the domains, but there is no way to force this and I don't
like code that can break itself due to sloppy administration.

Are there other options that anyone can think of? I don't often get stumped
without a direction to go, but I am fast getting there.
Click to expand...

have no clue. Have you seen http://support.microsoft.com?kbid=833401



Jerold Schulman
Windows Server MVP
JSI, Inc.
http://www.jsiinc.com
 
R

Ryan Hanisco

Yeah. I have RPCoHTTP working correctly. Its just that it doesn't warn
the client about impending password expiration unless the user logon can be
verified between domains via a two way trust. Its just that that happens to
be something I can't do for political reasons.

--
Ryan Hanisco
MCSE, MCDBA
Flagship Integration Services

 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Further question regarding transitive nature of forest trusts 2
Expiration notification 4
Multi forest and Citrix farm 1
Upgrading / joining domains 3
Trust between 2000 and 2003 domain 19
win 2000 / 2003 ad problem 1
password expiration 7
Password age and expiration doubt 1

Top