We are running a mixed environment of Win2k3 and Win2k8 servers in a Win2k forest.
I have set a password policy through a GPO that forces passwords to expire after a number of days, and to prompt the user to change it. This works perfectly fine on our 2003 servers, but not on our Win2k8 servers.
On the 2k3 servers, the next login after the password expires prompts them to change their password. However on our 2k8 servers this does not happen, it still allows the users to login. Once in, there is a message that appears near the system tray that tells the user their password is about to, or has expired and they need to change their password.
As I’m sure you all have experienced, no one pays attention to this alert and they do not change their passwords. Then they start to have issues authenticating with our proxy server, which prompts them to enter their AD credentials. To fix this, we have to either reset their password in AD, or have them try and login to one of our 2k3 servers, which prompts them to change their password. Logging out of the 2k8 server and back in does not seem to work.
Is it possible for Win2k8 to force a user to change their expired password on login, like it does for our Win2k3 servers?
You must be logged in to reply to this topic.
Create a free account today to participate in forum conversations, comment on posts and more.