Hi, Sometimes we get this - especially if ISA/TMG is in front of the Exchange CAS server, this can eventually leave the account locked. I think higher versions of IOS solves it. My best policy is to unlock the account and reset the password, then get the user to change this in OWA, the system we have has a checkbox to tick to enable instant password changing without logging into OWA itself, then change the password in IOS. Andrew. -----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Barry Toner Sent: 10 May 2013 11:39 To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Active Directory, Exchange and IOS Hi Darragh, This is true. However, when the user re-types that password into IOS/Exchange, is it not a one shot deal? Or will the temp password not initiate the change until they log into their Domain account? I'm a bit muddled, I know... I just want to make sure that with us upgrading Exchange at the moment, some users are frantically typing their passwords in over and over again, and locking themselves out. I then reset their account on AD, but as they aren't in the office today, I'm a bit confused as what happens with the policy to change the password when they next log-in? Thanks, Barry. Barry. -----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Darragh OHeiligh Sent: 10 May 2013 11:35 To: Blind sysadmins list Cc: Blind-sysadmins Subject: Re: [Blind-sysadmins] Active Directory, Exchange and IOS Bary, When the exchange password changes, the connection from the IOS side will fail and prompt the user to re-type the password. Is this not happening? Regards Darragh H iligh Fujitsu Offices of the Houses of the Oireachtas, Fredrick Building, South Fredrick Street, Dublin2 Telephone: +353 (1) 618 3559 Email: darragh.oheiligh@oireachtas.ie Internet: http://www.oireachtas.ie From: Barry Toner <Barry.Toner@clanmil.org.uk> To: "Blind sysadmins list (blind-sysadmins@lists.hodgsonfamily.org)" <blind-sysadmins@lists.hodgsonfamily.org>, Date: 10/05/2013 11:30 Subject: [Blind-sysadmins] Active Directory, Exchange and IOS Sent by: "Blind-sysadmins" <blind-sysadmins-bounces@lists.hodgsonfamily.org> Hi folks, The above mix is great when it works, but a pain when one breaks down. I cant' seem to find a way for a user with an IOS device to get the prompt to change their AD password after a reset. I'll try and explain ina brief scenario. Customer rings Helpdesk, have forgotten their password. Helpdesk resets the password in AD, and enables the pfor the user to change it upon their enxt log-in. This is fine if the user is in front of their computer they log-on to the domain, as Windows will prompt them. However, if they're accessing their emails through Exchange and IOS and the above scenario take splace they wont' get this change password prompt. Therefore the Helpdesk will have tos et a permanent password. Not good. Has anyone came across this and if so found either a workaround or a solution, on have any theories on this? Thanks, Barry. Barry Toner ICT Assistant ICT Department Clanmil Housing Northern Whig House 3 Waring Street Belfast BT1 2DX Tel: 02890 876000 Fax: 02890 876001 _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins Oireachtas email policy and disclaimer. http://www.oireachtas.ie/parliament/about/oireachtasemailpolicyanddisclaimer... Beartas r omhphoist an Oireachtais agus s anadh. http://www.oireachtas.ie/parliament/ga/eolas/beartasriomhphoistanoireachtais... _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org http://lists.hodgsonfamily.org/listinfo/blind-sysadmins