Ben, I don't have a script, but I have utilized the following product on my network: Pasword Expiration Notifier from Netwrix. It is about $2-4 per user login and is very configurable. http://www.netwrix.com/password_expiration_notifier_freeware.html for the free trial.
Pete Kramer On Wed, Jan 12, 2011 at 00:37, Ben N <[email protected]> wrote: > great idea about the script to notify users. > > i will have to see about upgrading our exchange to SP3 then. I wish OWA > would notify when they logged in too... I wish the VPN client could/did too. > > TS isn't an option for us as that access requires VPN to be on. > > Juniper SSL VPN does have a local client (Network Connect using java > runtime) that runs and you can see the entries in route table (route print). > But it's only running while logged in, like any other app. I heard there is > a MSGINA add-on you can use, but it makes more issues than it fixes. > > I think it would be ideal to warn users 5-7 days ahead of time and to ask > them to change password via TS or OWA. and will try to go down that route. > If anyone has working examples in your enviroment. i'd love to see them if > willing to share. Otherwise, i will do some searching around too. > > Thanks everyone who replied. You guys are an invaluable resource. I wish i > could give back more. > > -BenN > > On Tue, Jan 11, 2011 at 8:56 PM, Haritwal, Dhiraj < > [email protected]> wrote: > >> To notify them you can create a separate OU in AD, move those user in >> that OU, schedule a VB script on your Exchange Server to run on that OU >> every night which will create password expire date for those users by query >> maxpasswordage & send them a mail that their password is going to expire in >> n (in the script you can define if the mail should send from last 10 days or >> so / pwdexpiredate-10) number of days. Earlier I have done it for some of >> our Workgroup users. >> >> >> >> >> >> Dhiraj >> >> >> >> >> >> >> >> *From:* Ben N [mailto:[email protected]] >> *Sent:* Wednesday, January 12, 2011 4:46 AM >> >> *To:* NT System Admin Issues >> *Subject:* Re: domain joined laptops that aren't on your network >> >> >> >> yeah locking, and unlocking with new password did the trick. sweet! Years >> wasted not knowing this :) maybe it's a windows 7 thing, i don't know. So >> what about when a user's password expires? What do you do for these external >> users then? Far as i know Juniper SSL VPN won't let them logon. I think they >> can logon to OWA, but it doesn't really tell them they need to change the >> password. >> >> >> >> >> >> On Tue, Jan 11, 2011 at 3:07 PM, Jimmy Tran <[email protected]> wrote: >> >> I was able to follow Glen’s instructions and it worked for me when connect >> through network connect on the Juniper SSL VPN. Give it a try Ben. >> >> >> >> Jimmy >> >> >> >> *From:* Glen Johnson [mailto:[email protected]] >> *Sent:* Tuesday, January 11, 2011 10:30 AM >> >> >> *To:* NT System Admin Issues >> >> *Subject:* RE: domain joined laptops that aren't on your network >> >> >> >> Don’t know about ssl vpn, but with a cisco ipsec vpn, connect via vpn, >> lock the computer and unlock and if it’s time to change password, the laptop >> will prompt to change it. >> >> If the password has already been changed via owa, login to the laptop >> using old password, connect vpn, lock laptop and when it is unlocked it will >> ask for current domain password. >> >> >> >> *From:* Ben N [mailto:[email protected]] >> *Sent:* Tuesday, January 11, 2011 1:11 PM >> *To:* NT System Admin Issues >> *Subject:* domain joined laptops that aren't on your network >> >> >> >> So we setup domain joined laptops and then ship them out to users that >> work primarily from home. They then use SSL VPN (juniper SA) to connect back >> to us, but these laptops never actually make it back to our physical network >> in most cases. We have these people change their password in OWA or via RDP >> to a server, but that doesn't reflect back to the domain joined laptop they >> are on until one day they actually show up at one of our offices >> >> >> >> I had thought being on VPN, that it would sync up with the domain enough >> that their current domain password would be required the next time they >> logged into their laptops, but this isn't the case. >> >> >> >> Any ideas? >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to [email protected] >> with the body: unsubscribe ntsysadmin >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to [email protected] >> with the body: unsubscribe ntsysadmin >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to [email protected] >> with the body: unsubscribe ntsysadmin >> >> >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to [email protected] >> with the body: unsubscribe ntsysadmin >> >> ------------------------------ >> This email is confidential and intended only for the use of the individual >> or entity named above and may contain information that is privileged. If you >> are not the intended recipient, you are notified that any dissemination, >> distribution or copying of this email is strictly prohibited. If you have >> received this email in error, please notify us immediately by return email >> or telephone and destroy the original message. - This mail is sent via Sony >> Asia Pacific Mail Gateway.. >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to [email protected] >> with the body: unsubscribe ntsysadmin >> > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
