RE: active directory password policy

From: Matthew Jenkins (Matthew.Jenkins_at_tmctechnologies.com)
Date: 02/07/05

Next message: Anthony Mendoza: "RE: active directory password policy"

Previous message: Erin Osminer: "RE: active directory password policy"
Maybe in reply to: William Stegman: "active directory password policy"
Next in thread: Anthony Mendoza: "RE: active directory password policy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Mon, 7 Feb 2005 14:13:58 -0500
To: "William Stegman" <stegmanw@comcast.net>, <focus-ms@securityfocus.com>

We have currently not found a good solution for this either.

We are using the iisadmpwd that comes with Exchange to allow offsite
users to set their passwords. I have read that this utility is
insecure. The use of this utility is restricted to valid accounts on an
SSL enabled site. This was a better solution that giving passwords over
the phone, or even worse, someone e-mailing the password (it ceases to
amaze me that people do these things).

Matt

Matthew Jenkins
Senior Network Specialist
TMC Technologies, Inc.
304.368.1862 ext 26
AOL: MLJenkinsCom Yahoo: mljenkins ICQ: 8116624 MSN
Visit us online at www.tmctechnologies.com

-----Original Message-----
From: William Stegman [mailto:stegmanw@comcast.net]
Sent: Friday, February 04, 2005 5:10 PM
To: focus-ms@securityfocus.com
Subject: active directory password policy

Does anyone have any experience with remote users who do not login to
the domain on a regular basis or at all, and have a password expiration
policy in effect? We can't seem to come up with a good plan to handle
these users. They only occassionally access domain resources such as
webmail via the Internet or an internal website to do timesheets via
vpn, and will not have the luxury of logging on to a machine connected
to our LAN and getting the warning about soon to expire passwords. If
our policy dictates passwords expire every 90 days, how can we avoid the

inevitable calls regarding password resets?

thx

/William Stegman - Network Administrator///

TransCore - Hummelstownd

---------------------------------------------------------------------------
---------------------------------------------------------------------------

Next message: Anthony Mendoza: "RE: active directory password policy"

Previous message: Erin Osminer: "RE: active directory password policy"
Maybe in reply to: William Stegman: "active directory password policy"
Next in thread: Anthony Mendoza: "RE: active directory password policy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]