Passwords and AD (keychain, wifi, etc.)

jhuls
Contributor III

Our campus is currently configured with Macs and PCs being bound/joined to Active Directory. We've been instructed that our password can only be changed via a specific website. This is semi-manageable but still somewhat painful when the user is here on campus plugged into ethernet, as the user gets prompted to update the keychain after they restart or log out and then log in again.

Things get more challenging with wifi involved as now keychain doesn't prompt and the wifi simply doesn't work any longer. Now the configuration has to be removed and reconfigured with the new credentials.

Off site it's more of the same, where keychain doesn't prompt even when on VPN. For VPN we use Aruba through their client software.

How are people dealing with this? The institution is finally implementing expiration dates on accounts so we need a good solution to deal with this as obviously in the past nobody really ever changed their password.

We're not using FileVault yet but I know it's on the roadmap, so whatever solution gets provided, it will need to deal with whatever challenges await with it.

Thanks in advance for any help you can provide.

3 REPLIES

Just_Jack
Contributor

AD and Mac are like oil and water.
Change the password on the Mac and everything syncs up. User account/FileVault/AD account.
Change the password external to the Mac and everything goes out of whack.
This is where NoMAD comes in. There are two main settings in the Plist that should be set to true.

https://nomad.menu/help/unannounced-password-change-alerts/
https://nomad.menu/help/local-password-sync/

NoMAD also has a Wi-Fi setting: WifiNetworks
But I have not used that one yet.

mark_mahabir
Valued Contributor

+1 for NoMAD - take a look. Or Enterprise Connect.

We used to utilise the ADPassMon and KerbMinder utilities but those projects are no longer maintained, and we are in the process of transitioning to NoMAD.

Chris_Hafner
Valued Contributor II

NoMAD was just purchased by JAMF and is now a separate JAMF product. I've heard great things but haven't tested it myself. We're an Enterprise Connect shop.