Friday 2 May 2014

How to get password expiration notification before expiration date

Password expiration issues are more important than what they might appear at the first glance. IT Helpdesk, in a medium to large size organization, end up getting tens of password resetting requests from end users due to expired passwords every day. These issues not only lead to wastage of time at users end but also for IT Helpdesk staff. Windows has its way of reminding users about their soon-to-expire password when they do interactive logon.

But in some cases such as VPN and OWA, users may be accessing the system from outside the organizational premise and hence they could not get the password expiration notification from interactive logon. Also, starting with Windows 7, password expiration notification has been moved to system notification area, which users may tend to ignore.

Microsoft provides a way to deal with the problem with the help of WMI query. Administrators can run it to find out soon to expired passwords and prompt users to change their passwords before specified number of days. Beside WMI query, there are commercially available tools to handle user’s password expiration. These tools allow administrators to get a bird’s eye view of password expiration status of all users without disturbing the end users. Admins can get reports right in their mailbox detailing the password expiration status of all users across domains in the organization. Besides, individual emails can be sent to users across domain reminding them of the password expiry. Emails, not only emphasize the importance of resetting the passwords to end users but are usually hard to miss given that almost all organizational users don’t forget to look into their Inbox at least once. 

Lepide User PasswordExpiration Reminder tool is one such commercially available software that can take care of the entire User password expiration reminder issue. It reminds users when their password is about to expire and provides six critical reports on Users whose password never expires, Users whose password is soon to expire, Recent logon failures, Password Change Reports, Users with expired password, and Change Password at Next Logon Users. Notifications can be scheduled based on Password expiration policies defined at OU level. There are provisions of real-time alerts and report scheduling, so you don’t need to be daily working with the tool. Just configure it once as per your requirement and it will be taking care of all password expiration notifications in the way you wanted. Software is available in demo version of 15 days to allow you to evaluate it before purchase. Surely, an important Active Directory add-on tool to save Helpdesk time and resources.

No comments:

Post a Comment