hello,
how is it possible for users with an expired password to change it?
If I dont enable the "ask_password" parameter, than the user's have to login twice (broker and than rds server) - but the users are able to change the password.
But with an enabled "ask_password" line, there is no password change dialog
expired user password
Re: expired user password
If NLA is disabled, WTware does not know what happened inside rdp session in windows interface. Client has no chance to know about password changing.
If NLA is enabled, password should be changed in wtware interface. Unfortunately, wtware can not do it
If NLA is enabled, password should be changed in wtware interface. Unfortunately, wtware can not do it
Re: expired user password
so I did a few tests regarding this password flag
1) NLA disabled, ask_password disabled => Windows Login Screen => Windows password change message => password change functional
2) NLA disabled, ask_password set => WTware Login Screen => Windows password change message => password change not functional, password cannot be changed
3) NLA enabled, ask_password disabled => WTware Login Screen => WTware dialog with password message (deactivate NLA etc)
4) NLA enabled, ask_password enabled => WTware Login Screen => WTware dialog with password message (deactivate NLA etc)
so maybe its possible to implement a behavior which switches from the WTware Login Screen to the windows login screen after the WTware dialog in 3) or 4) appears, so it would be possible to change the password?
Or do you know any other solution for changing the password after it is expired, or a new user account is created, and the flag is set?
1) NLA disabled, ask_password disabled => Windows Login Screen => Windows password change message => password change functional
2) NLA disabled, ask_password set => WTware Login Screen => Windows password change message => password change not functional, password cannot be changed
3) NLA enabled, ask_password disabled => WTware Login Screen => WTware dialog with password message (deactivate NLA etc)
4) NLA enabled, ask_password enabled => WTware Login Screen => WTware dialog with password message (deactivate NLA etc)
so maybe its possible to implement a behavior which switches from the WTware Login Screen to the windows login screen after the WTware dialog in 3) or 4) appears, so it would be possible to change the password?
Or do you know any other solution for changing the password after it is expired, or a new user account is created, and the flag is set?
Re: expired user password
With NLA enabled, no way to get windows login screen. Server with NLA did not accept connection without password.
Why password change not functional in 2) ? Here is my 2016 without NLA after ask_password=on:
I press OK, and:
Why password change not functional in 2) ? Here is my 2016 without NLA after ask_password=on:
I press OK, and:
Re: expired user password
ok, think there is a strange behaviour - tried it on our 2016 test rds server without a broker.
after login, the user receives the message to change password -> hit ok -> and then the loginscreen in attachment2 appears - but its not possible to login
maybe its a CredSSP thing - going to try a few things
after login, the user receives the message to change password -> hit ok -> and then the loginscreen in attachment2 appears - but its not possible to login
maybe its a CredSSP thing - going to try a few things
- Attachments
-
- 1.JPG (157.75 KiB) Viewed 11347 times
-
- 2.JPG (77 KiB) Viewed 11347 times
-
- 3.JPG (84.07 KiB) Viewed 11347 times
Re: expired user password
tried to change credssp to rdp - but also with no luck.
do you have any special configuration?
Update: I only receive the dialog, if I try to login to testserver via windows 10 notebook and mstsc, than the dialog appears and I'm able to change the password.
If I try to login via wtware on raspberry, the dialog won't appear
do you have any special configuration?
Update: I only receive the dialog, if I try to login to testserver via windows 10 notebook and mstsc, than the dialog appears and I'm able to change the password.
If I try to login via wtware on raspberry, the dialog won't appear
Last edited by geefox on Tue Jan 23, 2018 7:23 pm, edited 2 times in total.
Re: expired user password
I have no special configuration. I installed server. Configured static IP. Installed remote desktop role. Added local user. Disabled NLA in gpedit.msc. Changed date to expire password. As few clicks as possible.