Overview
Specops Password Notification utilizes the Group Policy infrastructure to store configurations and apply them to users.
How it works
1. Configure Specops Password Notification settings
On a computer where the Specops Password Notification Administration Tools package is installed the Group Policy Management Console (GPMC) is used to configure Specops Password Notification settings and to assign them to users. A Specops Password Notification Group Policy Object can contain one or more email notification templates.
2. Search for users with passwords that are about to expire
Once a day the Specops Password Notification Server queries Active Directory to retrieve information about:
- Group Policy Objects that contain Specops Password Notification settings
- when users passwords were last set
- maximum password ages configured in the domain
Note! Specops Password Notification takes into consideration if a user is affected by the maximum password age configured in the Default Domain Policy or a maximum password age configured in a fine-grained password policy (introduced with Windows Server 2008).
3. Sending password expiration notification emails
On the basis of the information retrieved from Active Directory the Specops Password Notification Server determines which users that should be sent a password expiration notification email.
4. Users receive password expiration notification email
Users whose passwords that are about to expire will receive password expiration notification emails once a day until they have changed their passwords.
Components
Specops Password Notification Server
On the basis of settings configured in Specops Password Notification Group Policy Objects the Specops Password Notification Server is responsible for detecting users whose passwords are about to expire and send them password expiration notification emails.
Specops Password Notification Server does not send password expiration notification emails to users that have any of the following user account options enabled:
- Account is disabled
- User must change password at next logon
- User cannot change password
- Password never expires
- Smart card is required for interactive logon
Specops Password Notification Administration Tools
The Specops Password Notification Administration Tools extends the Group Policy Editor console and adds the interface for configuring how and when the password expiration notifications should be emailed to the users.
Group Policy Management Console is used to assign Specops Password Notification settings to users using the Group Policy targeting mechanism.
Page last modified on March 26, 2009, at 06:16 PM