Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Participant

Chenge expired password in AD via EndPoint

Jump to solution

Hello,

 

I got a problem with changing expired password in Active Directiory by Remote Access (VPN SSL port 636).

When I try to change password I got an error "Failed to modify password, LDAP error".

What can by the source of the problem, I tried to modify user policies which is integrated with CheckPoint - doesn't solved the problem. Ofcourse, I tried solution from this SK:

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut....

Didn't help.

I will appreciate any suggestions.

Thank you,

Nbto

 

0 Kudos
Reply
1 Solution
6 Replies
Participant
Yep, position nr. 8 helped. Thank you ! 🙂
0 Kudos
Reply
Explorer

We're having the same issue. What exactly is nr. 8?

We were unable to make the schema change as it comes back saying it's read only.

0 Kudos
Reply
Advisor

if it is complaining about being read-only check if you have write permissions enabled on account unit:

 

image.png

0 Kudos
Reply
Explorer

I was able to change the schema and save it. Now the user can change their password and then it says "Negotiation With Site Failed". Now the password was actually changed successfully but then the user can no longer connect to the VPN. 

Going directly into the  AD and changing it back does no good. No matter what the user (test user) can no longer hit the VON with the negotiation error.

Any help is appreciated.

0 Kudos
Reply
Explorer

Dear Albrecht,

Even Our customer is also facing the same issue.

They are not able to change windows domain password for remote vpn users and followed sk89841 and sk33404, which is not working.

But they are able to change windows domain password for LAN users.

I have attached the screenshot for your reference.Windows_Domain_Error.jpeg

 

Regards,

Bharat Sudi

 

 

0 Kudos
Reply