Re: expiring user account passwords
From: Sameh Ahmed (essoplus_at_hotmail.com)
Date: 10/04/04
- Previous message: Leon Mayne [MVP]: "Re: windows integrated authetication"
- In reply to: Ken Schaefer: "Re: expiring user account passwords"
- Next in thread: Susan Wilson: "RE: expiring user account passwords"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 4 Oct 2004 11:34:01 +0200
Susan
May be you can create a web page that they can use to change their password
when it expires
but as Ken said
they will not get a notification when it does, unless you configure some
sort of mail notification for example.
I suggest a HTTPS site that they can use to enter their old password and the
new one, you can use the Winnt provider for local users manipulation.
"Ken Schaefer" <kenREMOVE@THISadOpenStatic.com> wrote in message
news:uJolTkQqEHA.596@TK2MSFTNGP11.phx.gbl...
> Once their passwords have expired, they will not be able to access the
> machine via the network, interactively, as a batch file etc.
>
> Now, if their password has just expired, then IIS won't immediately deny
> them access if they have recently logged on - IIS has a cached token that
it
> will reuse for a few minutes (this is done for performance reasons so that
> the user doens't have to be authenticated against the user database for
each
> web page, image etc that they request).
>
> However, an FTP user will not receive any "password change" notification.
> FTP doesn't support that. When the user logs on, they will simply be
denied
> access. The user will need a different mechanism to change their password.
>
> Cheers
> Ken
>
> "Susan Wilson" <Susan Wilson@discussions.microsoft.com> wrote in message
> news:26ED53FA-1658-4B32-99DA-89C729FBE1CC@microsoft.com...
> > Our company now requires all user accounts on our w2000 IIS servers (not
> > active directory) to automatically expire every 90 day's. Although user
> > accounts that "log into the server console" have always expired, Ftp
user
> > accounts and user accounts that access these servers via front page
server
> > extensions, had each of their accounts set to "password never expires".
> >
> > After expiring the passwords of the ftp users and frontpage users, (the
> > user
> > accounts now show "user must change password on next login") I expected
> > when
> > they accessed the server via ftp or Frontpage (server extensions) they
> > would
> > be prompted to change there password after entering a valid
> > username/password. If that happened, I would not be writing.
> >
> > Both user types are prompted for their user name and password then had
> > access to there ftp data or front page data on the server without any
> > forcing
> > of password change.
> >
> > My question is simple. How do the ftp users and front page server
> > extension
> > users receive the "your password has expired" message and be forced to
> > change
> > it? I have reviewed the local security policies and do no see a flag
that
> > control this.
> >
> > Is a user only forced to change an expired password when they log into
> > the
> > server console? If this is indeed the case, could you point me to a
> > Microsoft document that states this.
> >
> >
>
>
- Previous message: Leon Mayne [MVP]: "Re: windows integrated authetication"
- In reply to: Ken Schaefer: "Re: expiring user account passwords"
- Next in thread: Susan Wilson: "RE: expiring user account passwords"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
