Our network ops group is very close to launching a policy which will force users to change their network password every 90 days. All of our other systems are compliant except Tigerpaw due to the following reasons.
Techs have to enter their user ID and network password in order to set-up the TP calendar sync. However, this causes problems for us and goes against both industry and Microsoft recommendations of how to interact with Exchange. After an end user changes their network password, TP continues to use the users old stored password and makes multiple quick attempts to log into exchange in order to sync their calendar. This looks like a hacking attempt which then forces the system to lock the users account access. Other devices such as mobile phones have a method where after 2 attempts the end user is prompted to update their pw before another sync attempt is performed, thus avoiding the lockout. When an end-users account is locked out, they cannot access email, Lync, PC, mobile, etc., until the account is unlocked.
In order for NetOps to correct this issue after a lock-out, they have 5 minutes or less to log into TP as the user and update their stored pw to make it match their new network password.
Any ideas? We have approximately 75 technical users and another 40 or so sales reps this will adversely affect.
Techs have to enter their user ID and network password in order to set-up the TP calendar sync. However, this causes problems for us and goes against both industry and Microsoft recommendations of how to interact with Exchange. After an end user changes their network password, TP continues to use the users old stored password and makes multiple quick attempts to log into exchange in order to sync their calendar. This looks like a hacking attempt which then forces the system to lock the users account access. Other devices such as mobile phones have a method where after 2 attempts the end user is prompted to update their pw before another sync attempt is performed, thus avoiding the lockout. When an end-users account is locked out, they cannot access email, Lync, PC, mobile, etc., until the account is unlocked.
In order for NetOps to correct this issue after a lock-out, they have 5 minutes or less to log into TP as the user and update their stored pw to make it match their new network password.
Any ideas? We have approximately 75 technical users and another 40 or so sales reps this will adversely affect.
Comment