Password Expiration Alert

Archived from groups: microsoft.public.win2000.active_directory (More info?)

Is this thing on?? Ok, here goes...

I have two 2003 forests connected by a VPN tunnel with no trusts between
them. One runs an authentication domain for one of my clients and the
other is running Exchange, to which the users in the first domain connect
via RPCoHTTP. (Don't panic, this is only partially an exchange question.)

The issue is that when passwords expire on the domain hosting exchange, the
users in the other domain are never notified. They can get the warning in
OWA, but there is nothing coming through Outlook. The Exchange experts are
telling me that the way to do this is to create a two-way trust between the
domains, but this is not an option for political and security reasons.

I have an asp page that can verify that an account is about to expire and
allow users to change their password if I hand off the username as an input
parameter. I don't really like this though -- I have the usernames
identical between the domains, but there is no way to force this and I don't
like code that can break itself due to sloppy administration.

Are there other options that anyone can think of? I don't often get stumped
without a direction to go, but I am fast getting there.

--
Ryan Hanisco
MCSE, MCDBA
Flagship Integration Services
2 answers Last reply
More about password expiration alert
  1. Archived from groups: microsoft.public.win2000.active_directory (More info?)

    On Thu, 13 Jan 2005 16:59:35 -0600, "Ryan Hanisco" <rhanisco@flagshipis.com> wrote:

    >Is this thing on?? Ok, here goes...
    >
    >I have two 2003 forests connected by a VPN tunnel with no trusts between
    >them. One runs an authentication domain for one of my clients and the
    >other is running Exchange, to which the users in the first domain connect
    >via RPCoHTTP. (Don't panic, this is only partially an exchange question.)
    >
    >The issue is that when passwords expire on the domain hosting exchange, the
    >users in the other domain are never notified. They can get the warning in
    >OWA, but there is nothing coming through Outlook. The Exchange experts are
    >telling me that the way to do this is to create a two-way trust between the
    >domains, but this is not an option for political and security reasons.
    >
    >I have an asp page that can verify that an account is about to expire and
    >allow users to change their password if I hand off the username as an input
    >parameter. I don't really like this though -- I have the usernames
    >identical between the domains, but there is no way to force this and I don't
    >like code that can break itself due to sloppy administration.
    >
    >Are there other options that anyone can think of? I don't often get stumped
    >without a direction to go, but I am fast getting there.

    have no clue. Have you seen http://support.microsoft.com?kbid=833401


    Jerold Schulman
    Windows Server MVP
    JSI, Inc.
    http://www.jsiinc.com
  2. Archived from groups: microsoft.public.win2000.active_directory (More info?)

    Yeah. I have RPCoHTTP working correctly. Its just that it doesn't warn
    the client about impending password expiration unless the user logon can be
    verified between domains via a two way trust. Its just that that happens to
    be something I can't do for political reasons.

    --
    Ryan Hanisco
    MCSE, MCDBA
    Flagship Integration Services

    "Jerold Schulman" <Jerry@jsiinc.com> wrote in message
    news:brlfu014u2o1dms971at1khu4opuvuc7do@4ax.com...
    > On Thu, 13 Jan 2005 16:59:35 -0600, "Ryan Hanisco"
    <rhanisco@flagshipis.com> wrote:
    >
    > >Is this thing on?? Ok, here goes...
    > >
    > >I have two 2003 forests connected by a VPN tunnel with no trusts between
    > >them. One runs an authentication domain for one of my clients and the
    > >other is running Exchange, to which the users in the first domain connect
    > >via RPCoHTTP. (Don't panic, this is only partially an exchange question.)
    > >
    > >The issue is that when passwords expire on the domain hosting exchange,
    the
    > >users in the other domain are never notified. They can get the warning
    in
    > >OWA, but there is nothing coming through Outlook. The Exchange experts
    are
    > >telling me that the way to do this is to create a two-way trust between
    the
    > >domains, but this is not an option for political and security reasons.
    > >
    > >I have an asp page that can verify that an account is about to expire and
    > >allow users to change their password if I hand off the username as an
    input
    > >parameter. I don't really like this though -- I have the usernames
    > >identical between the domains, but there is no way to force this and I
    don't
    > >like code that can break itself due to sloppy administration.
    > >
    > >Are there other options that anyone can think of? I don't often get
    stumped
    > >without a direction to go, but I am fast getting there.
    >
    > have no clue. Have you seen http://support.microsoft.com?kbid=833401
    >
    >
    >
    > Jerold Schulman
    > Windows Server MVP
    > JSI, Inc.
    > http://www.jsiinc.com
Ask a new question

Read More

Domain Exchange Active Directory Windows