AVD Password reset question

Copper Contributor

We have an application that we host for customers and we are running into password expiration problems. Our customers don't get notifications that their passwords expire and when it expires they try to login on the remote app and cant. It creates support calls and we have to tell them how to reset via the portal and then they are fine. Is there a graceful way to notify the customer of the expiration so they dont get caught in this situation? Thank you so much in advance!!

 

Mike 

3 Replies
The message our customers get is - This user account's password has expired. The password must change in order to login. Please update the password or contact your system administrator or technical support. Often the customer doesnt know where to go to update their password as they are just launching an application that is hosted by us. I would like to see if there is a way to remind them that their password is going to expire before it happens or if there is something better, I'm all ears. I just want to avoid the customer from being locked out of their session. Thanks!

Mike

@mstevenhartman Its my understanding that AVD does not support password change after and expiry.  Citrix When logging into the netscaler recognizes that your password has expired and prompts the end user to update the password.   I have not seen anything in the roadmap for AVD to implement this either.

 

I can only suggest instructing the users to press CTRL ALT END whilst in the app to change password before it expires.  The only other thing I can think to do is implement Self Service Password Reset in azure but that may create more calls.

 

 

https://www.azure365pro.com/synchronizing-user-must-change-password-at-next-logon-flag-to-azure-ad/

once the ForcePasswordChangeOnLogOn is set to true you can instruct the users to goto portal.office.com and they will be prompted that the password has expired and instruct the end user to update the password.

Once changed they can then logon the remote desktop application 

 

Connect-MsolService

Set-ADSyncAADCompanyFeature -ForcePasswordChangeOnLogon $true