Novell is now a part of Micro Focus

What happens on VPN (Virtual Private Network) login when the users' passwords have expired?

Articles and Tips: qna

07 Jun 2000


Q.

Dear Ab-end: What happens on VPN (Virtual Private Network) login when the users' passwords have expired? Will they get a password expiration message as they would through a "regular" login? Will they be given the chance to change their password and/or use a grace login?

--Jammin' in Jackson

A.

Dear Jammin': According to Roselyn Lee from Border Services Engineering at Novell, there are three ways the password expiration messages can work in a VPN scenario:

  • Users don't get any message or alert-they just can't log in every 90 days.

  • Users receive an expiration alert and a message telling them to change their password via the NWAdmin utility.

  • Users receive an expiration alert and have to log in to NetWare after connecting via VPN, after which they must change their password manually.

The password expiration behavior for the VPN client depends on which version of BorderManager you are running. With BorderManager 3.0, users will not receive any notification (the behavior noted in option #1 above).

With BorderManager 3.5, VPN Login itself will give users a warning when their password has expired and state that they have a few grace logins remaining. If a user has grace logins remaining and a VPN connection is established, there are two options: (a) If the user checked the box that says "Login to NetWare," the user will be logged in to NetWare. As part of the NetWare login process, the user will be prompted to change the password. (b) If the user did not check the box that says "Login to NetWare," it is up to the user to invoke the Novell Client (either during this VPN session or at another time) and log in to change the password. If a user's password has expired and no grace logins remain, that user will be told that the password has expired and the VPN connection will not be brought up.

The bottom line is that the VPN Client itself currently does not provide any password change mechanism; it only provides a warning. If your password expires, the VPN client should let you know your password has expired, but it currently does not have the capability to change your password for you. It suggests that you use NWAdmin to change your password. Your password can also be changed by using the utilities that come with the Novell client (if you are logged in).

The current plan calls for the next release of the VPN client to include the ability to allow users to change their passwords.

* Originally published in Novell AppNotes

Disclaimer

The origin of this information may be internal or external to Novell. While Novell makes all reasonable efforts to verify this information, Novell does not make explicit or implied claims to its validity.

© Copyright Micro Focus or one of its affiliates