Best Practice for Rolling Out Specific New Passwords to Users

27772953 36 Reputation points
2022-01-12T10:53:11.427+00:00

A customer with WS2019 and a few W7Pro, W10Pro and a Mac as clients wishes to have control over user passwords security / complexity.
He wishes to change passwords in ADUC and roll them out to the users without giving them the freedom to choose their own (probably not-as-secure ones).

When he did that to a test account, as expected, the client computer required the old password to login and the new password to access Server shared resources. And there was no clear way the user could change the local profile password to the newly set in ADUC as the two were no longer in sync and there was no authorized path to the Server.

Is there a way to accomplish this?

Windows Server 2019
Windows Server 2019
A Microsoft server operating system that supports enterprise-level management updated to data storage.
3,709 questions
Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,462 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Limitless Technology 39,591 Reputation points
    2022-01-12T21:18:34.427+00:00

    Hello

    The only way to ensure the synchronization of passwords is when the computer is connected in the same network as the Domain Controller. If not, the computer will still prompt for the cached credential history to log in. Another option would be a connection through VPN to the Domain, where the computer can validate the new password against the Domain Controller, updating the logon requirement information.

    Hope this helps with your query,


    --If the reply is helpful, please Upvote and Accept as answer--


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.