Password Expiry Concentrator 3060 -> Active Directory

Unanswered Question
Oct 9th, 2007

Hi there,

I'm currently implementing AD authentication to our VPN gateways.

I'd prefer to have a direct communication between the concentrator and the domain controller, which is possible when Kerberos is being used.

On the other hand, we'll need the possibility to change expired AD passwords, which could be done using "Radius with Expiry".

For some reasons I can't activate IAS on the AD servers and I can't find a protocol that allows the users to alter and expired password and uses direct AD communication.

Do you have any suggestions, ideas?

Cheers,

Markus

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (1 ratings)
Loading.
Danilo Dy Tue, 10/09/2007 - 08:30

Hi,

Once the user password already expire, there's no way for them to change it by themselves except the AD admin.

However, you can use the following tools that I use;

1. User to change AD password

- Check IISADMPWD from MS KB

2. Notify user by email when password is expiring

- Check RPTPASWDCHANGE http://www.windowsitpro.com/Article/ArticleID/46819/46819.html and http://www.windowsitpro.com/articles/download/rptpaswdchange.zip

Regards,

Dandy

Actions

This Discussion