Changing passwords for remote users

P

Phyllis

My office has recently implemented a policy of requiring
regular password changes. This is fine for our staff
that are regularly in the office and are notified before
the password expires. This is a problem for our remote
users. They are not notified until they connect via VPN
and are forced to change their password at that point.
Our users are standardized on Windows 2000. The problem
then is that the locally cached password is different.
They must login to their machine with their old
password. Also each time they access a network resource,
such as the mail server when opening outlook, they are
promted for username password and domain. We have been
working around this until the three days that our policy
requires has passed and the user can VPN and manually
perform another password change which gets them back in
sync. I am sure that my organization is not the only
organization with such a security policy and a large
number of remote users. I would just like to know what
the proper way is to deal with these password changes. If
there is an easier way to deal with these password
changes is there is some configuration change that needs
to be made either on the network or on these individuals
machines.
 
A

Adam Arndt

This is a very common problem that I see all of the time. It is usually
caused by a 3rd party vpn client (most notably, Cisco) that does not
properly update the client's cached password when it is changed in the VPN
connection. The most common workaround for this issue is to educate users
that if they are remotely connected and they change their password (whether
in a VPN, terminal session, or Outlook/ OWA) they need to lock and unlock
their workstation while still in the VPN connection. This will cause the
cached password to be updated. Another solution, is to (if your VPN client
supports it) require that when remote users logon they logon to their
machines using the "logon using dial-up conneciton" check box (which will
also logon using VPN connection if they are using the Microsoft VPN client.)

Hope it helps,
Adam Arndt
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Problems with users changing passwords 5
Password expiration notice for remote users 3
Default Domain Policy: Passwords 2
VPN Clients - Expiring Passwords 1
Remote domain password change facility 1
Remote users changing passwords 1
remote user passwords 1
Network Passwords, make Win2k like XP? 6

Top