March 22nd, 2005, 05:49 PM
Change Domain PW Remotely
We have an extranet webiste setup where remote users can authenticate to our domain via a secure outside website and get a list of links to internal servers. For example, a remote users will go to https://secure.connection.com, log in with their domain credentials and then have the ability to get to their mail, our intranet page, etc.
The problems lies in that our domain password policy is set for them to change their pw every 90 days. With this type of authenticate however they do not get prompted to change their pw. Their password will expire and they will eventually be forced to call the help desk. Can anyone think of a solution for this? Maybe an internal website that we can configure to change domain passwords. Has anyone dealt with this before?
March 22nd, 2005, 05:57 PM
We had something similar here using reachbacks. There was a website setup for chaging their internal passwords after they authenticated to it. The main problem we found with this was, they wouldn't bother changing their password until their 90 days was up, and at that point they couldn't reach the internal website to change it. This reverts to calling the help desk.
March 22nd, 2005, 06:15 PM
Yes, we just went through all of these possible senerios in a meeting. That being one of them. Unless we have the page somehow ( I wouldn't even begin to figure this out ) check the user account and force the change when it gets close to the 90 days.
not even sure if that is doable.
BTW zENGER, how did you guys solve that problem?
March 22nd, 2005, 06:29 PM
In our situation we had a primary login and then the secondary login. We synced up the 90 days for both and told the users that they better change their primary login and secondary login before the 90 days are up of they would be locked out. This scared them into following the correct path. By primary I mean that all of the users belonged to domain A, and were reaching across to domain B. Domain B was slowly being removed and everything incorporated into A, so a long term solution wasn't needed.
March 22nd, 2005, 06:40 PM
I found this page to help with building the web site that will allow a user to change their password but it still doesn't address the issue of if the user can't be bothered with changing it before the 90 days runs out.
I need something that will force them to change the pw when their is one or two days left.