This website uses cookies. By clicking OK, you consent to the use of cookies. Click Here to learn more about how we use cookies.
OK
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
Nbto
Participant
‎2020-01-22 03:05 AM

Chenge expired password in AD via EndPoint

Jump to solution

Hello,

 

I got a problem with changing expired password in Active Directiory by Remote Access (VPN SSL port 636).

When I try to change password I got an error "Failed to modify password, LDAP error".

What can by the source of the problem, I tried to modify user policies which is integrated with CheckPoint - doesn't solved the problem. Ofcourse, I tried solution from this SK:

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut....

Didn't help.

I will appreciate any suggestions.

Thank you,

Nbto

 

0 Kudos
Reply
1 Solution

Accepted Solutions
6 Replies
Nbto
Participant
‎2020-01-22 06:05 AM
In response to G_W_Albrecht

Jump to solution
Yep, position nr. 8 helped. Thank you ! 🙂
0 Kudos
Reply
rdemartini
Explorer
‎2020-05-26 12:18 PM
In response to Nbto

Jump to solution

We're having the same issue. What exactly is nr. 8?

We were unable to make the schema change as it comes back saying it's read only.

0 Kudos
Reply
abihsot__
Advisor
‎2020-05-27 07:53 AM
In response to rdemartini

Jump to solution

if it is complaining about being read-only check if you have write permissions enabled on account unit:

 

image.png

0 Kudos
Reply
rdemartini
Explorer
‎2020-05-27 08:07 AM
In response to abihsot__

Jump to solution

I was able to change the schema and save it. Now the user can change their password and then it says "Negotiation With Site Failed". Now the password was actually changed successfully but then the user can no longer connect to the VPN. 

Going directly into the  AD and changing it back does no good. No matter what the user (test user) can no longer hit the VON with the negotiation error.

Any help is appreciated.

0 Kudos
Reply
Bharat_Sudi
Explorer
Thursday
In response to G_W_Albrecht

Jump to solution

Dear Albrecht,

Even Our customer is also facing the same issue.

They are not able to change windows domain password for remote vpn users and followed sk89841 and sk33404, which is not working.

But they are able to change windows domain password for LAN users.

I have attached the screenshot for your reference.Windows_Domain_Error.jpeg

 

Regards,

Bharat Sudi

 

 

0 Kudos
Reply