Reconnect, Expired Password and Grace Logon

Hi, I am trying to find a better way of implementing grace logons when a password has expired in a web application. The problem is that the LdapContext is not serializable, therefore we cannot put it in an HTTP Session and allow clusterability. Also, storing the user ID/password in the session in order to recreate the context would not help, as recreating the context would use up a grace logon.
In two projects I have used the workaround of increasing the grace login limit from n to 2n+1 (basically 1 login to get through the login page, and another login to change the password, allowing for 2 tries in case they reused their old password).
In the other, more recent one I just stored the Context in the HTTP Session with the caveat that the application may not be clustered. I have documented it earlier in http://www.trajano.net/2007/04/ldap-logon-and-password-management.html
The test case I wanted to do was something like this:
  Serializable someSerializableObject;
  Hashtable envWithAuthData = new Hashtable();
  envWithAuthData.put(Context.PROVIDER_URL, providerURL);
  envWithAuthData.put(Context.SECURITY_PRINCIPAL, userDN);
  envWithAuthData.put(Context.SECURITY_CREDENTIALS, userPassword);
  envWithAuthData.put(Context.SECURITY_AUTHENTICATION, "simple");
  LdapContext c = new InitialLdapContext(envWithAuthData, null);
  // THIS DOES NOT EXIST
  someSerializableObject = c.getSomeReconnectionData();
  Hashtable envWithNoAuthData = new Hashtable();
  envWithNoAuthData.put(Context.PROVIDER_URL, providerURL);
  envWithNoAuthData.put("ReconnectData", someSerializableObject);
  // The second context is built from the environment that carries no credentials
  LdapContext c2 = new InitialLdapContext(envWithNoAuthData, null);
  c2.operationThatCanOnlyBeDoneByAnAuthenticatedUser();
I have tried looking at reconnect, getRequestControl etc., but I am not able to find any useful information.

Though it is not a full solution, utilizing Proxy Authorization can get me past a few issues. However, it is not available with every directory server; I would much like it if it were possible to do it in a more vendor-neutral fashion.
http://www.ibm.com/developerworks/tivoli/library/t-ldappatds/index.html
The code that is in there does not seem to work with Apache DS
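
Added example, not code from the original post: on directory servers that implement the Password Policy control of draft-behera-ldap-password-policy (an assumption; the post does not say which policy mechanism its servers use), the bind response reports the remaining grace logons or an expiry error, and the decoded status is a plain serializable value that can be kept in the HTTP session. The class name, the `Status` record and the sample bytes are constructed for illustration, and every call to `bind` is still a real bind against the directory.

```java
import java.io.Serializable;
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.ldap.*;

public class PasswordPolicyBind {
    // Control OID from draft-behera-ldap-password-policy (same OID for request and response).
    static final String PPOLICY_OID = "1.3.6.1.4.1.42.2.27.8.5.1";
    /** Decoded response value; -1 means the field was absent. Record syntax needs Java 16+. */
    record Status(int secondsBeforeExpiration, int graceLoginsRemaining, int error) implements Serializable {}

    /** Binds with the control attached; returns null if the server sent no policy response. */
    static Status bind(String providerURL, String userDN, String userPassword) throws NamingException {
        Hashtable<String, Object> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, providerURL);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, userDN);
        env.put(Context.SECURITY_CREDENTIALS, userPassword);
        LdapContext ctx = new InitialLdapContext(env, new Control[] { new BasicControl(PPOLICY_OID) });
        try {
            Control[] resp = ctx.getResponseControls();
            if (resp != null) for (Control c : resp)
                if (PPOLICY_OID.equals(c.getID())) return decode(c.getEncodedValue());
            return null;
        } finally { ctx.close(); }
    }

    /** Parses SEQUENCE { warning [0] CHOICE { time [0], grace [1] } OPTIONAL, error [1] ENUMERATED OPTIONAL }. */
    static Status decode(byte[] ber) {
        if (ber == null || ber.length < 2 || ber[0] != 0x30) return new Status(-1, -1, -1);
        int expires = -1, grace = -1, error = -1;
        int[] pos = { 1 };
        try {
            int seqLen = readLength(ber, pos), end = pos[0] + seqLen;
            while (pos[0] < end) {
                int tag = ber[pos[0]++] & 0xff, len = readLength(ber, pos);
                if (tag == 0x81) { error = readInt(ber, pos, len); continue; } // 0 = passwordExpired
                if (tag != 0xA0) { pos[0] += len; continue; }                  // skip unknown elements
                int choice = ber[pos[0]++] & 0xff;                             // inside the warning wrapper
                int v = readInt(ber, pos, readLength(ber, pos));
                if (choice == 0x80) expires = v; else if (choice == 0x81) grace = v;
            }
        } catch (ArrayIndexOutOfBoundsException truncated) { /* malformed value: keep what was decoded */ }
        return new Status(expires, grace, error);
    }

    static int readLength(byte[] b, int[] pos) {
        int first = b[pos[0]++] & 0xff;
        return first < 0x80 ? first : readInt(b, pos, first & 0x7f);
    }
    static int readInt(byte[] b, int[] pos, int n) {
        int v = 0;
        while (n-- > 0) v = (v << 8) | (b[pos[0]++] & 0xff);
        return v;
    }
    public static void main(String[] args) {
        // Constructed sample control values, not captured from a real server.
        byte[] twoGraceLeft = { 0x30, 0x05, (byte) 0xA0, 0x03, (byte) 0x81, 0x01, 0x02 };
        byte[] expired = { 0x30, 0x03, (byte) 0x81, 0x01, 0x00 };
        System.out.println(decode(twoGraceLeft) + "\n" + decode(expired));
    }
}
```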

Similar Messages

  • Power-on password and windows logon

    Hi,
    I have just purchased two T61p's (by accident without the fingerprint reader). From a previous T60p I know that I could configure a power-on password (using the fingerprint) and when that was accepted the system would boot up and log me right into Windows since I was already authenticated.
    Now, I would like to configure the same thing with these new T61p's using a poweron password (typed on the keyboard). I have tried to figure out how to do it (e.g. under Client Security Solution/Advanced/Manage security policies) - but so far without success. It still prompts me for the Windows password as well.
    I have talked to Lenovo Support but it seems that they only support "genuine" Windows startup issues.... And Client Security Solution is a third-party program that they are not trained in - and thus cannot support.... - although this program (and others in the same category) are under Lenovo copyright etc. etc. if you look under "Help - About". Very strange (seen from a customer viewpoint)... However, the supervisor I ended up talking to was of the personal opinion that the above setup should be possible although he could not remember how to configure it (and could not officially support/help on the issue).
    Any ideas would be appreciated.
    Thank you in advance!
    John 

    OK - I left the domain and ran FP Mgr Pro and lo and behold, no fingerprints were enrolled.  Unfortunately, when I tried to enroll the fingers that I use for the FP reader, the machine told me that the fingerprints were already enrolled.  Recall that I did not delete the fingerprints that were enrolled under the domain before attempting to enroll at the machine level.
    Then - I deleted the fingerprints at the domain level and deleted the fingerprints at the BIOS level.  I then logged in at machine level and enrolled fingerprints.
    I rebooted and the machine asked for FPs at power on password and accepted my print.  Unfortunately, it booted me through power on and Windows security into machine level, not my domain which is where I need to be.
    This is very frustrating. 

  • Windows Server 2012 R2 - RD Gateway and expired passwords

    We got tired of script kiddies trying to brute force our old RDP servers, so we thought RD Gateway was a good idea and implemented this on our newest RDS servers.
    That worked fine until the first password change. The support phone got hot for some days.
    I understand after investigating the issue that expired has been a problem in the 2008/2008R2 version of RD Gateway.
    Are expired/change on first logon still a problem in 2012 R2? I find this strange after seeing all the old complaints.
    Is there any solution to this problem (other than running Citrix, which manages password change with no problems)?
    Jens Tore Fremmegaard ::.::.:: ServerParkering AS

    NLA is disabled. This was never a problem when we used 2008 servers.
    On our old 2008 (and 2003 before that) terminal servers the users have always had the opportunity to both change expired passwords and "change password on first logon".
    After migrating to 2012 none of them work.
    We have a script that warns the users prior to the password expiry date, but there's always someone that waits too long. And then they have to call our support techs to get their passwords changed since password change is not working on the RDS servers.
    Of course they could change it through Exchange OWA, but try to tell that to the CEO that's used to only clicking their RDS shortcut.
    Jens Tore Fremmegaard ::.::.:: ServerParkering AS

  • Fingerprints and expired passwords

    Hi Community,
    I have recently encountered this problem and I've yet to find a solution for it. Maybe someone here has experienced something similar before and can shed some light on how to fix it.
    I'm on a T410 with XP.
    I use an ActiveDirectory login to access my computer and my password for ActiveDirectory expires every 60 (or 90 days) I believe. In the past, when I was prompted to update my expired password upon logging in, Client Security Solution would pop up and tell me that I'm about to update a password already existed in the record and it simply updates it and everything syncs up nice and happy.
    This last time, however, I didn't get the Client Security Solution prompt when I attempted to update the expired password, and what has happened, is that now, when I swipe my finger, my old password is entered which obviously fails every time. So I'm having to enter my password every time I log-on making the fingerprint reader rather useless.
    I have attempted finding an entry for "Windows Login" in the Password Manager, but it seems that Windows/AD passwords are stored somewhere separate. My question is, how would I go about updating the password linked to my fingerprint? Do I have to delete the old profiles for my fingerprints and create new ones? Would that even solve the issue?
    Any help/suggestions are kindly appreciated.
    Cheers.
    -Andy

    What website/application are you trying to log into, where password manager is still using the old password?
    Or is this an issue where you can no longer log into windows itself, with your fingerprint?

  • Expiring password warning

    Hello,
    I am using the JDBC thin driver and have individual user-id's with expiring passwords. The security profile gives them 5 days of warning messages. I can see these messages if logging in with SQL*PLUS. But I would like to pick this up in the getConnection (or elsewhere if it exists).
    I have tried getMessage and getSQLState from the SQLException but the exception is not even thrown.
    Also, is it possible to discern between an expired password and an invalid (wrong) password in JDBC?
    Thanks,
    Don

    Sorry for the delay. I had given up on getting a reply on this one. I also gave up on an elegant solution. So, after I connect successfully, I do a "SELECT expiry_date FROM user_users" to calculate it myself. As I recall, any grace period that may be part of the security profile must be added to the number of days until expiration.
    I really think there's a better way to do this, so I will keep my eyes open.

  • Which attribute shows if a user has an expired password?

    DSEE 6.3
    I created my own password policy, and applied it to a single user.
    I would like to know which attribute shows if a user has an expired password, and how do I query that attribute for the user. How would I query the time till expiration as well?
    I am basically looking for example queries to such information.
    thanks,

    My limited experience with this sort of thing is to run a query like the following:
    ldapsearch -1TL -h `hostname` -D 'cn=Directory Manager' -b "dc=<your dc>,dc=com" uid=<uid your choice> pwdAccountLockedTime pwdFailureTime pwdLastAuthTime pwdChangedTime passwordRetryCount nscpentrywsi
    This dumps some helpful stuff. I've noticed ... in our ldap instance that a locked account has the following output:
    pwdAccountLockedTime: 000001010000Z
    I don't know why it shows up that way ... but it's something I can key on and search for to find locked accounts. Not necessarily an indication that a password has expired, of course, but sort of interesting to me. An account can be locked for other reasons obviously.
    I think pwdChangedTime might be what you want assuming you know what the password expiration time is set to ...

  • Cisco ISE - User with expired password is forced to logoff before they can change password.

    I came across a situation today where a user was logged into a laptop with an expired password and could not change it by simply locking the computer and logging in with the correct credentials. (They had previously changed it on their main computer) The port restricted any communication since the user was failing authentication.
    So, I had the user log out and immediately the computer authenticated, and the user was able to log in with the correct credentials. I don't want my users to have to log out completely in this situation. Below is the port config and the ISE error messages.
     switchport access vlan 423
     switchport mode access
     switchport block unicast
     switchport voice vlan 425
     ip arp inspection limit rate 10
     ip access-group ACL-LOW-IMPACT-MODE in
     authentication event fail action next-method
     authentication event server dead action authorize voice
     authentication event server alive action reinitialize
     authentication host-mode multi-auth
     authentication open
     authentication order dot1x mab
     authentication priority dot1x mab
     authentication port-control auto
     authentication periodic
     authentication timer reauthenticate server
     authentication timer inactivity server
     authentication violation restrict
     mab
     snmp trap mac-notification change added
     dot1x pae authenticator
     dot1x timeout tx-period 3600
     spanning-tree portfast
     spanning-tree bpduguard enable
     ip dhcp snooping limit rate 100

    Completely forgot about odac version. I have ODT with ODAC 102.02 installed.
    I want to download new drivers from here:
    Oracle10g Release 2 ODAC and Oracle Developer Tools for Visual Studio .NET
    http://download.oracle.com/otn/other/ole-oo4o/ODTwithODAC1020221.exe
    And old drivers from here (just for testing)
    Oracle Developer Tools for Visual Studio .NET 10.1.0.4.0
    http://download.oracle.com/otn/other/ODT10104.exe
    Does anybody know something about these releases? Do they have the same behavior?
    Thanks.

  • HT204053 Dear Support Team, every time i tried to logon Icloud its gives me wrong user name or password and at the end it show me error " This Apple ID is valid but is not an ICloud Account" then how can i use one account for same Apple ID and ICloud???

    Dear Support Team,
    Every time I try to log on to iCloud it gives me wrong user name or password, and at the end it shows me the error "This Apple ID is valid but is not an iCloud Account". Then how can I use one account for the same Apple ID and iCloud?
    Thanks

    It is not possible to create a new iCloud account using a Windows machine. You must create the account using a Mac (10.7.5 or more) or an IOS device (iPhone etc). Once that is done you can sign into and use the account on your Windows machine.

  • I am trying to add a game to my sons I touch pad. It is a free game. It asks for verification of password and credit card info. Every time, it tells me that my time has expired. Help.

    I am trying to add a game to my son's iPod touch. It is a free game. It asks for verification of password and credit card info. Every time, it tells me that my time has expired. Help.

    It asked me that too. Don't worry and just put it in. iTunes doesn't charge unless your son buys something. The password happens to me all the time. Credit card was only once. Just make sure your son knows not to buy anything without permission so he doesn't accidentally charge you something.

  • I have forgot my logon password and i have no hint can not get into my laptop.

    hello everyone
    I have forgotten my logon password and, stupid me, did not make a hint, and now I cannot access my MacBook Air. I went and tried other ways (Command-R), and since I am new to Mac I never made a backup, again stupid me. I then tried to reinstall the OS and it tells me that it does not see the startup OS system.
    I need my Mac since this is the only form of entertainment on the ship on which I work, and I am leaving this week. PLEASE someone help me.....
    Thanks
    Robin.

    There are different ways to reset the password depending on the Mac OS X version you are running. You can check it in  > About this Mac.
    If it's 10.6 or older, see "Resetting your original administrator account password" > http://support.apple.com/kb/HT1274 Also, see > https://discussions.apple.com/docs/DOC-5381
    If it's 10.7 or 10.8, try resetting your password with your Apple ID by following the steps of the link above. If it doesn't work, reset the password using Recovery > http://discussions.apple.com/docs/DOC-4101

  • My PC cannot find my Mac and also it ask for a password and I put it in and tell Logon failure:unknown user name or bad password

    I need some help with my Mac about the problem that I have. The question is: my PC cannot find my Mac, and it asks me to put in the password, and when I did it came back and said: Logon failure: unknown user name or bad password.
    Thank You
    Lumpy

    You have to explain a little more fully what you are trying to do and with what protocol. What's your setup?

  • Initial and expired password status is not checked during login for ITS Services

    Dear all,
    we have the following Basic problem or question regarding ITS-based ABAP Services provided via browser to internal and external customers:
    The user calls the ITS via the URL "https://<host>:<port>/sap/bc/gui/sap/its/it13?sap-client=03&sap-language=en" in his browser.
    To access the Service a simple login Dialog appears for entering the credentials (UserID + Password).
    The problem with this simple Dialog is that after resetting the users password this initial password status seems not to be checked here.
    That means, that the user is able to login with this initial password and he is not forced to change the password.
    In difference to this the intended behavior is provided for example when the SAP Standard ITS Service "webgui" is launched by the user:
    The user launches the Service via URL "https://<host>:<port>/sap/bc/gui/sap/its/webgui?sap-client=03&sap-language=en"
    In this case an additional first SAP WebAS login dialog appears where the users has to click on a Login-Button. This login button opens
    another login dialog as a popup where the user is able to enter his credentials. But if the password has an initial status the user is
    forced afterwards to change his password.
    So the login behavior of the webgui Service is what we also want for the any other ITS Service. We've already compared the service properties and
    settings (SICF), but we could not find any difference.
    What can we do to change the login behavior for the ITS services ?
    Thanks in advance for any kind of help !
    Joerg

    Hello Joerg,
    Can you attach a screenshot of the "Logon Data" tab of the service 'it13' in transaction SICF?
    In SICF - Tab: Error Pages -> Logon Errors
    is 'SYSTEM Logon' selected for both the 'WEBGUI' service and 'IT13' service?
    Regards,
    Oisin

  • Ad-User script to check if expired password = true and email helpdesk

    I have a script that runs each day and reminds my users that their password will expire. This works well.
    I'm having trouble creating a script to email our helpdesk once the password has expired so engineers can reset it automatically.
    The code I have displays nothing yet I know I have expired passwords.
    Get-ADUser -filter {(Enabled -eq $True) -and (PasswordNeverExpires -eq $False) -and (PasswordExpired -eq $True)} -properties PasswordLastSet, PasswordExpired, PasswordNeverExpires, EmailAddress, GivenName
    Please help!

    I looked at a test user meeting these criteria. Although the AccountExpirationDate was in the past, the AccountExpired property was still $False. I'm not sure what process is responsible for changing the AccountExpired property based on AccountExpirationDate,
    but this is where your script seems to fail. 
    This works:
    Get-ADUser -filter {(Enabled -eq $True) -and (PasswordNeverExpires -eq $False)} -properties PasswordLastSet, PasswordExpired, PasswordNeverExpires, EmailAddress, GivenName, AccountExpirationDate |
    Where { $_.AccountExpirationDate -lt (Get-Date) }
    Sam Boutros, Senior Consultant, Software Logic, KOP, PA http://superwidgets.wordpress.com
    Powershell: Learn it before it's an emergency http://technet.microsoft.com/en-us/scriptcenter/powershell.aspx http://technet.microsoft.com/en-us/scriptcenter/dd793612.aspx
    Account expired is derived by the Classes.  It is not on the raw object. It is all that needs to be checked.  If an account is not set to be expired then that will always be false.
    Like this:
    Get-ADUser -filter * -properties * |?{$_.passwordexpired}  | select passwordexpired
    You can also do the math.
    ¯\_(ツ)_/¯

  • Hello I am French subscriber to Itunes but would also like to download books or movies from English or Spanish platform. Itunes is refusing my "French" logon and password, and refusing creation of new ones as well. Any solution ?

    hello I am French subscriber to Itunes but would also like to download books or movies from English or Spanish platform. Itunes is refusing my "French" logon and password, and refusing creation of new ones as well. Any solution ?

    You can buy ONLY from the itunes store of your country of residence ( proven by the valid billing address of your credit card) AND ONLY while physically located inside the borders of that country.

  • Saved passwords and logon IDs

    I have one web site that requires an ID and password to get into. When I first logged onto this web page Firefox asked if I wanted it to remember this and I replied that I did. However, the next time I went to log on I found out that all that was saved was the password and not the ID. So, I deleted the stored information, logged on again and I was again asked if Firefox should remember the data. As before I responded "yes." When I went to my saved passwords I again found that only the password was saved and not the login ID. Is there a way I can manually fix this?

    Hi d5223xx;
    I think that information is kept in cookies. Check to see if you have a cookie for that site. Delete it and see if you get asked again.
    Allan
