Documentation

Password management for Active Directory users

Password management for Active Directory users

In order for Active Directory users to be able to change their passwords you first need to have Active Directory integration enabled on the Active Directory page.

Enabling password changes for Active Directory users (7.1.0)

  1. Go to the ThoughtFarmer Administration panel: Authentication section > Settings page.
  2. In the Active Directory user authentication settings section, select the checkbox "Allow password changes with a warning period of X days." (X represents the number of days (before the password expiry date) that users are warned to change their password.)
    6.7Admin8753ADPasswordChange.png
  3. You can leave the number of days as the default number, or type a new number of days in the field.
  4. Click Save Changes at the bottom.
This warning message will show on the user's homepage to remind them to change their password before it expires.



When AD users change their password through ThoughtFarmer the old password may still be cached and usable for up to 15 minutes. Please see http://support.microsoft.com/kb/267568 for more info.

Enabling password changes for Active Directory users (7.1.1)

  1. Go to the ThoughtFarmer Administration panelAuthentication section > Active Directory  page.
  2. Click on the Active Directory for which you want to enable password changes.
  3. In the Active Directory settings box, click Change.
  4. In the User authentication settings section, under Allow password changes , select the checkbox "Allow password changes with a warning period of days." (represents the number of days (before the password expiry date) that users are warned to change their password.)
  5. You can leave the number of days as the default number, or type a new number of days in the field.
  6. Click Save settings at the bottom.

View your Domain password policies (7.1.0 only)

Each Domain in your network, as well as the local server for Windows users, has its own set of password policies. In most cases all Domains will match. To check the password policies:
  1. Go to the ThoughtFarmer Administration panel: Authentication section > Settings page.
  2. Go to the Active Directory user authentication settings section.
  3. At the end of the Allow password changes admin explanation, click the link View the Active Directory password policies.
These password policies are also presented to users when they change their password through their profile page.