no expired-password notification on wireless?

fimchick

OSNN Senior Addict
Joined
14 Mar 2004
Messages
276
Hey guys/gals,

I'm trying to figure out why, if a user's password has expired, and they try to connect to the wireless network on the domain, it doesn't tell them that the password is expired and prompt them to create a new one?
Is there some funky authentication that I'm not aware of?

I've also started having users complain that when on wireless, they are prompted to enter their password when they launch Outlook...?

Many thanks for any info!!
 
Well, one issue at a time....

First, in regards to the logon, it sounds like they are doing a cached logon. Depending on what your GPO is set to, this probably indicates they are not hitting the PDC, thus their credentials aren't gettin matched. Also, as a result, if they are not loggin in correctly, but still getting their profile, when they open up Outlook, it tries to authenticate to Exchange. Since the password has changed, and they are not authenticated correctly, Outlook will prompt them for the password. This behavior occurs when the Windows Integrated Authentication information doesn't match to the AD credentials.

Long story short, cached logins are your problem. Review your GPO settings in regards to those, set lower threshold, and that should help you out.
 
Heheh, so the funny thing is, we don't have any GPO policies set yet. I've to implement it on the network! :)
 
If there is a domain, there are GPO. The default domain policy is enabled by default, and I believe the default value for cached logons is 3, but I could be wrong on that...

Have you actually disabled the default domain policy?
 
I think I know what the problem is. Since we're using FreeBSD rather than IAS, we are having problems authenticating wirelessly when the password is expired. As a result, instead of logging the user onto the wireless connection and THEN checking for domain creds, it just errors out at the first step and poops.

Need to find some software or Windows add-on that can interface with wireless and then domain authentication.
 
This is another, possibly related issue...users who connect to a wireless network, and then get on the VPN, are prompted for a password when they launch Outlook 2003?
 
fimchick said:
I think I know what the problem is. Since we're using FreeBSD rather than IAS, we are having problems authenticating wirelessly when the password is expired. As a result, instead of logging the user onto the wireless connection and THEN checking for domain creds, it just errors out at the first step and poops.

Need to find some software or Windows add-on that can interface with wireless and then domain authentication.
Although I could be wrong, that is usually software specific to the wireless card. I would start investigating there.

In regards to your Outlook thing, try to fix the first problem as I feel they are related.

Best of luck mate :)
 

Members online

No members online now.

Latest profile posts

Also Hi EP and people. I found this place again while looking through a oooollllllldddd backup. I have filled over 10TB and was looking at my collection of antiques. Any bids on the 500Mhz Win 95 fix?
Any of the SP crew still out there?
Xie wrote on Electronic Punk's profile.
Impressed you have kept this alive this long EP! So many sites have come and gone. :(

Just did some crude math and I apparently joined almost 18yrs ago, how is that possible???
hello peeps... is been some time since i last came here.
Electronic Punk wrote on Sazar's profile.
Rest in peace my friend, been trying to find you and finally did in the worst way imaginable.

Forum statistics

Threads
62,015
Messages
673,494
Members
5,621
Latest member
naeemsafi
Back