hidden hit counter
Welcome to WindowsForumz.com!
FAQFAQ      ProfileProfile    Private MessagesPrivate Messages   Log inLog in

VPN and Password Policy

  
   Win 2000/NT/98/ME (Home) -> Security RSS
Next:  GPO and groups  
Author Message
anonymous3439

External


Since: Sep 21, 2004
Posts: 1



(Msg. 1) Posted: Tue Sep 21, 2004 11:55 am
Post subject: VPN and Password Policy
Archived from groups: microsoft>public>win2000>security (more info?)
We have a windows 2000 server and a windows 2000 remote
access server. We are planning on changing Group Policy
to force passwords to change every 60 days. I was
wondering what might happen to remote users when they
connect to the network and thier password has expired. If
anyone knows of a good document that describes this, that
would be great.

Thanks.

 >> Stay informed about: VPN and Password Policy 
Back to top
Login to vote
anonymous1

External


Since: Feb 20, 2004
Posts: 986



(Msg. 2) Posted: Tue Sep 21, 2004 12:07 pm
Post subject: VPN and Password Policy [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
Oh yeah, both servers have SP4 installed on them too.

 >-----Original Message-----
 >We have a windows 2000 server and a windows 2000 remote
 >access server. We are planning on changing Group Policy
 >to force passwords to change every 60 days. I was
 >wondering what might happen to remote users when they
 >connect to the network and thier password has expired.
If
 >anyone knows of a good document that describes this, that
 >would be great.
 >
 >Thanks.
 >.
 >

 >> Stay informed about: VPN and Password Policy 
Back to top
Login to vote
Steven L Umbach5

External


Since: Jul 05, 2004
Posts: 236



(Msg. 3) Posted: Tue Sep 21, 2004 9:27 pm
Post subject: Re: VPN and Password Policy [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
I know of no official document and it seems to vary depending on VPN client. I have
had success changing an expired password using the built in Windows 2000/XP VPN
client in that after a VPN logon to the domain I was informed that my password had
expired and was given the change to change it which worked. A problem arises if a
user is logging onto their computer using cached credentials for the domain. In that
case if the password has expired I was able to change it but was denied access to
domain shares. The reason is that the "cached credentials" are not updated when you
change the password over the VPN. I found that after changing my password via VPN, if
I immediately locked and unlocked my computer with the "new" password that the cached
credentials are updated and was able to access domain resources. Note that you might
have better luck if you train users to logon to the VPN using the domain name also
instead of just username and password. This can be configured in the VPN connections
properties for the MS built in VPN client. Once logged onto the domain via VPN, the
users should be able to change their domain password by using ctrl-alt-delete/change
password which you may want to have them try before you implement the policy and then
remind them to do such before their password expires. Note that users who have their
account properties configured for "password never expires" will not be subject to
maximum password age policy and those users that currently have a password older than
maximum password age will immediately have expired passwords. There is a free tool
from SomarSoft called dumpsec that can display the last time a user changed their
password. --- Steve


"greg@b101fm.com" wrote in message

 > We have a windows 2000 server and a windows 2000 remote
 > access server. We are planning on changing Group Policy
 > to force passwords to change every 60 days. I was
 > wondering what might happen to remote users when they
 > connect to the network and thier password has expired. If
 > anyone knows of a good document that describes this, that
 > would be great.
 >
 > Thanks.
 >> Stay informed about: VPN and Password Policy 
Back to top
Login to vote
Display posts from previous:   
Related Topics:
Domain Policy - I have had set up a policy to block all users with any rights other then the basic ones. But by mistake I have had applied to all, instead of the group, and now I can do any changes to it myself, even though I am logged in as the Administrator. Is..

Group Policy - I need to find out how to turn off our workstation firewalls through a group policy so that we don't need to physically touch each workstation. All suggestions welcomed.

password recovery - I have a problem, i made a password account as administrator on my computer, i have windows 2000. What do i have to do to find out my password? I cant even log on to my own computer. please reply as soon as possible

jt.exe password transmission - Hi, I am trying to use the jt.exe to schedule tasks on remote 2000 and NT machines. When I specify on the command-line a login and passowrd that the remote task should run with, is that password transmitted as clear text or is it encrypted? thanks.

Domain Security Policy - Hello, I have a really interesting issue that my DC contracted a while back that I'm still having issues with. I was getting two seperate errors in my Application Log: ----------------------------------------------------------------------- 1) Source:..
   Win 2000/NT/98/ME (Home) -> Security All times are: Eastern Time (US & Canada)
Page 1 of 1

 
 You can post new topics in this forum
You can reply to topics in this forum
You can edit your posts in this forum
You can delete your posts in this forum
You can vote in polls in this forum

Categories:
 Windows XP
  Win 2000/NT/98/ME
 Windows Vista!

[ Contact us | Terms of Service/Privacy Policy ]