RDS 2012 R2 – Windows Integrated authentication and Change Password

logo_WIA_PWD

Hello World,

Today again, we will be discussing about RDS 2012 R2 and more specifically an possible issue you might encounter if you have configured your system with Windows Integrated authentication instead of the default Form based authentication.

Overview

This previous post was describing how to configure the RemoteApp infrastructure in order to bypass the RD Web login page. By changing some settings, it’s possible to have the RD Web page configured to use the Windows Integrated Authentication (WIA) mode.  Using this mode, you will not get prompted for a username and password, you will have a direct access to the web page where the applications have been published.

So far, so good….

In this particular scenario (with WIA), I received a valid question about the change password web page.

When you configure your system with WIA, how a user can change his password ? 

Change Password Web page

In this other post, we have explained that it was possible to configure the RD Web Access to help users to reset their password.  The configuration is basically allowing the usage of an additional web form where the user can perform a change password

Expired3

Click on Picture for Better Resolution

If you are using WIA authentication mode and you have enabled the change password page, you will encounter an expected issue.  If a user is trying to change password via the web form while WIA has been configured, nothing will happen and the user will not be able to change the password.  If you click on the OK button, nothing will happen.

This is an expected behavior. Indeed, you have configured your system to use WIA authentication mode and the change password web form does not understand the WIA.  In order to be able to use the Change password page, you should configure your system to use Form-based authentication

So, How to Change Password ?

To change your password, you will simply press ctrl-Alt-Del on your computer (Workstation) and select the option Change Password.

Ctrl-Alt-Del

Click on picture for Better Resolution

This way of changing password would make more sense when you have configured WIA for RDS.   If you change the password that way, all your applications will use the updated password.  If you were changing the password via a web page (let’s say), you might have some of your applications (like outlook) that will popup and complains that the password they are using is not valid.  You will need to enter the new password you have selected.

Final Notes

Again, this was a quite short post but I think that was useful.  A lot of people were confused about changing password while WIA was configured.  To change password in such situation, forget the Change Password web page and use the standard lock screen to change your password

Hope this help

Till next time

See ya

 

 

 

Leave a Reply