Help

Active Directory Password Solution

andy_ng
New Contributor

Posted on ‎09-19-2016 02:37 AM

Hi all,

We are currently a mixed Windows / OS X house and have recently put in Casper to administer our Macs.

The Macs are not AD bound but we do use AD for certain services e.g. printing, WiFi (authentication) and emails (Exchange environment) etc.

Currently when staff are required to change their AD password (every 60 days), they will go onto OWA to change it.

Our new fearless leader has decided that we should migrate to Google mail for our email services and decommission the current exchange environment. The primary issue right now is finding a solution on how staff can change their password remotely without the use of OWA.

Any ideas would be much appreciated.

Thanks,

Andy

0 Kudos
Reply
7 REPLIES 7

eti_andrei
New Contributor II

Posted on ‎09-19-2016 06:08 AM

For our clients in similar situations, we opt for a web-based self-service password & account management portal. Of course, this all depends on the client's needs and budget.

Here are some tools we've deployed in the past:

https://www.manageengine.com/products/self-service-password/ (paid)

https://github.com/pwm-project/pwm (open source)

https://github.com/unosquare/passcore (open source - very basic)

0 Kudos
Reply

jconte
Contributor II

Posted on ‎09-19-2016 07:06 AM

We are AD bound for years without issue, you might want to look into Apple Enterprise Connect. You'll get different opinions from the community, but nonetheless it might help you out.

0 Kudos
Reply

nkuhl30
Contributor

Posted on ‎09-19-2016 09:53 AM

You can either port an old copy of iisadmpwd from Windows Server 2003 or use RD Web Access: http://www1.se.cuhk.edu.hk/~hmleung/wordpress/?p=1999

0 Kudos
Reply

pchen_plaid
New Contributor II

Posted on ‎09-19-2016 10:42 AM

I just rolled out Passcore myself.

0 Kudos
Reply

iJake
Valued Contributor

Posted on ‎09-19-2016 11:28 AM

Have you looked into Enterprise Connect from Apple Professional Services?
https://jamfnation.jamfsoftware.com/discussion.html?id=17757

0 Kudos
Reply

EliasG
Contributor

Posted on ‎09-19-2016 12:13 PM

@pchen_plaid How did you roll it out? Looking to to test it.

0 Kudos
Reply

galionschools
Contributor

Posted on ‎09-19-2016 03:03 PM

Passcore has an excellent, easy to use ui but it if you're looking for something to allow staff to change passwords when it expires it won't fit the bill. Similarly it doesn't like or allow a new password to be created if it's set in AD to "User must change password at next logon". Back to the drawing board for me at least.

0 Kudos
Reply