1 Reply Latest reply on Jul 31, 2019 1:11 AM by yezdi

    Can users change expired passwords when authenticating SSL VPN via Active Directory?

    KWKirchner Novice

      We have authentication working for our SSL VPN using our AD servers just fine, but when a users password is expired and NSX asks them to change it, the new password never makes it into their profile.  It looks like it takes the password, but it doesnt work.

       

      Is there some permission that we need to set on our Bind account to have it correctly update the password?  Is the password change only for internal accounts possibly? We have tried to delegate the permissions for password changes to the bind user, but that didnt seem to work (I almost want to say it worked briefly, but I wouldnt swear to it).

       

      The NSX docs are useless for this as far as I have seen.  Any help would be appreciated, even just confirmation that it is possible to update Active Directory passwords through the SSL VPN mechanism.