LDAP Authentication issues when GPO enforces password change

Scripts which allow the use of special authentication methods (LDAP, AD, MySQL/PostgreSQL, etc).
Post Reply
HGP-IT
OpenVPN User
Posts: 14
Joined: Fri Jan 28, 2011 11:04 am
Location: Halesowen - UK

LDAP Authentication issues when GPO enforces password change

Post by HGP-IT » Fri Apr 04, 2014 10:26 am

Hi, we are currently having issues with remote users when their AD account flags that their password needs to be changed.

This happens when GPO enforces the user to change their password whilst they are not connected via VPN. When they next login, LDAP authentication knows that the password should have been changed and therefore will not allow users to connect securely. Because they cannot connect, they cannot get the Windows prompt to tell them that they need to change their password.

Bit of a vicious circle. Can anyone suggest a work around or tweak for this?
Thanks in advance :)

Post Reply