Welcome to ISAserver.org

Discussion about article on how to configure password changes

Users viewing this topic: none

Logged in as: Guest

Printable Version

All Forums >> [ISA 2006 Publishing] >> Exchange Publishing >> Discussion about article on how to configure password changes

Page: [1]

Message

<< Older Topic Newer Topic >>

Discussion about article on how to configure password c... - 26.Oct.2007 9:34:27 AM

tshinder

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline

Discssion on how to configure the ISA Firewall to support password changes at http://www.isaserver.org/tutorials/Configuring-2006-ISA-Firewall-Support-Password-Changes.html

Thanks!
Tom

< Message edited by tshinder -- 26.Oct.2007 9:39:51 AM >

_____________________________

Thomas W Shinder, M.D.

Post #: 1

Featured Links*

RE: Discussion about article on how to configure passwo... - 25.Jun.2008 5:02:08 PM

tomsimon

Posts: 17
Joined: 28.Mar.2006
Status: offline

Tom:
I don't see any reference to the ability to change the passwords after implementing this update. Will I only see it if the password is expiring or must be changed (expired)?

When we used Exchange Server 2003 under ISA Server 2006 the firewall would warn me well in advance that my password was expiring and give me the opportunity to change it.. Changing to Exchange Server 2007 or some other modification has caused us to lose this ability. Now if a password is expired the firewall will just deny the logon without presenting the option to change the password.

Thanks.

Tom

(in reply to tshinder)

Post #: 2

RE: Discussion about article on how to configure passwo... - 26.Jun.2008 9:00:34 AM

tshinder

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline

Hi Tom,

What updates are you referring to? Exchange 2007?

Thanks!
Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to tomsimon)

Post #: 3

RE: Discussion about article on how to configure passwo... - 26.Jun.2008 10:52:26 AM

tomsimon

Posts: 17
Joined: 28.Mar.2006
Status: offline

I apologize for the ambiguity, but by "update" I meant configuring the ISA firewall to support LDAP authentication.

I fixed that particular issue by enabling the password management features on the listener for OWA. I had neglected to do this for my new server.

I have another problem, though. When I enable the functionality to change passwords and notify of expiration of passwords it takes about 25 seconds to login. As soon as I disable this feature I can login instantly. What is causing this delay? I saw your notes about how to deal with slow logins, but I am not sure any of those scenarios apply.

Thanks.

(in reply to tshinder)

Post #: 4

RE: Discussion about article on how to configure passwo... - 27.Jun.2008 8:33:25 AM

tshinder

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline

Hi Tom,

Check my blog for this week's post on slow log on's. Jason Jone came up with a great answer to this problem and I did a short blog post on it.

HTH,
Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to tomsimon)

Post #: 5

RE: Discussion about article on how to configure passwo... - 1.Jul.2008 11:42:49 AM

tomsimon

Posts: 17
Joined: 28.Mar.2006
Status: offline

That did the trick.

Thanks!

(in reply to tshinder)

Post #: 6

RE: Discussion about article on how to configure passwo... - 2.Jul.2008 9:42:28 AM

tshinder

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline

Great!

Good to hear you got it working and thanks for the follow up!

Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to tomsimon)

Post #: 7

RE: [SOLVED] Discussion about article on how to configu... - 3.Sep.2008 12:29:43 PM

Arcesilaus

Posts: 19
Joined: 21.Dec.2006
Status: offline

Hi!

Currently, I am trying to implement Exchange 2007 behind an ISA 2006 firewall.
As described in this topic (http://forums.isaserver.org/m_2002053024/mpage_1/key_/tm.htm#2002073130), I am running into some odd issue:

My ISA is not part of the domain and therefore uses LDAPS (without GC, to allow password management in FBA).
It maps * to the right DC which works fine for all users that login with DOMAIN\USER.
In fact, the ISA authentication ticket is recognized as a ticket destined for the internal domain DOMAIN.LOCAL.

That is why I'm having problems with the Outlook Autodiscover, since the users then login using their UPN, but using the external domain DOMAIN.COM instead of DOMAIN.LOCAL.

My question, therefore, is whether there is a solution for this, either:

configuring the AD to accept requests for DOMAIN.COM
configuring the ISA server to change the domain in its request to the LDAPS server?

I can't imagine to be the only one running into this issue, so I'm probably overlooking a very simple solution here

Edit: the solution was simple indeed - I'll post it in the thread mentioned above.

< Message edited by Arcesilaus -- 3.Sep.2008 6:08:06 PM >

_____________________________

Homo sum: humani nil a me alienum puto (Terence)

(in reply to tshinder)

Post #: 8