Wireless Access

Reply
Occasional Contributor II

Windows 7 expired password at login

I've googled this and can't wrap my head around what I am doing wrong.

He is my current situation:

 

Windows 2008 R2 Server with NPS configured and authenticating users under normal circumstances.

But when a user has an expired or is forced to change his password at next logon, the NPS server refuses connexion of this user.

What am I missing? Any help would be appreciated!

At this point, I am tempted to simply create a new hidden SSID in WPA2-PSK  mode as I know this works, but security sucks!

 

Thanks

Guru Elite

Re: Windows 7 expired password at login

If you are doing machine authentication at the login screen, it should prompt the user to change their password since it will still be authenticated as a machine.

 

 

The high level solution for password expiration across all devices (not just AD-joined machines) is to deploy user certificates.


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Occasional Contributor II

Re: Windows 7 expired password at login

And these certificates... must they be on the Enterprise level?

As I don't have Enterprise admin level access at the moment.

Guru Elite

Re: Windows 7 expired password at login

They just need to be client authentication TLS certificates. What do you mean by "Enterprise Level"?


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: