No password expiration alert when smart card logon is required

TheMSsForum.com: The Microsoft Software Forum

In my company we have a domain with windows 2000 Active Directory.
We are deploying smart cards for windows logon.
Domain account's username and password are needed to logon other services
like the Outlook Web Access (OWA), Windows Messenger, and file shares.

To make the users use their smart cards for windows logon, we have to enable
the "Smart card is required for interactive logon" option for their accounts
in the AD.

The problem is that the password expiration alert does NOT appear to a user
ONLY when this option is enabled, so eventually the password expires and it
has to
be reset by the administrator.

Does any one know how to overcome this problem?

Best Regards,
Muhammad Raga'ei
Information Security Associate
Top

Re: No password expiration alert when smart card logon is required by Jerry

Jerry
Wed Jan 18 18:01:00 CST 2006

Did this problem ever get resolved?

Muhammad Raga''ei wrote:
> In my company we have a domain with windows 2000 Active Directory.
> We are deploying smart cards for windows logon.
> Domain account's username and password are needed to logon other services
> like the Outlook Web Access (OWA), Windows Messenger, and file shares.
>
> To make the users use their smart cards for windows logon, we have to enable
> the "Smart card is required for interactive logon" option for their accounts
> in the AD.
>
> The problem is that the password expiration alert does NOT appear to a user
> ONLY when this option is enabled, so eventually the password expires and it
> has to
> be reset by the administrator.
>
> Does any one know how to overcome this problem?
>
> Best Regards,
> Muhammad Raga'ei
> Information Security Associate

Top

Re: No password expiration alert when smart card logon is required by MuhammadRagaei

MuhammadRagaei
Thu Jan 19 03:40:02 CST 2006

No, but we are considering a temporary solution; a script that checks for
passwords that about to expire and sends their owners an alerting email.

"Jerry" wrote:

> Did this problem ever get resolved?
>
> Muhammad Raga''ei wrote:
> > In my company we have a domain with windows 2000 Active Directory.
> > We are deploying smart cards for windows logon.
> > Domain account's username and password are needed to logon other services
> > like the Outlook Web Access (OWA), Windows Messenger, and file shares.
> >
> > To make the users use their smart cards for windows logon, we have to enable
> > the "Smart card is required for interactive logon" option for their accounts
> > in the AD.
> >
> > The problem is that the password expiration alert does NOT appear to a user
> > ONLY when this option is enabled, so eventually the password expires and it
> > has to
> > be reset by the administrator.
> >
> > Does any one know how to overcome this problem?
> >
> > Best Regards,
> > Muhammad Raga'ei
> > Information Security Associate
>
>
Top