Re: Mobile Users and Domain Password Management

From: S. Pidgorny (
Date: 02/09/05

Date: Wed, 9 Feb 2005 21:19:41 +1100

In my experience, if we decide to use thin client (i.e. Citrix), we don't
worry that much about passwords on the local workstations, as we don't
expect those to be standard operating environment, for one simple reason: we
cannot manage workstations that never connect to the corporate network. One
exception will be Blackberry, that we can manage wirelessly, but that's not
our Windows at all.

I do not agree that VPN is unreliable. Give it a go.

Svyatoslav Pidgorny, MVP, MCSE
-= F1 is the key =-
"Mike H." <> wrote in message
> We are planning on having mobile computers where the user will be
> constantly traveling.  We would like to avoid VPN (to unreliable) and
> Dial up (to Slow) and will have the users access our network via Citrix
> Secure Gateway (CSG).  The problem is that the mobile computer is a
> member of the domain and it never directly communicates with any domain
> controller.  How can one manage user passwords?  Obviously using CSG we
> can have the user change passwords on the domain, but this password
> change will never replicate to the locally cached domain information
> requiring the user to either remember 2 passwords or change the
> passwords twice.  Has anyone encountered this problem - if so how did
> you solve it?  Smart Cards?  SecurID?  If you do initialize two factor
> authentication do you need to do this for all users in the domain?
> Thanks in Advance,
> Mike H.