Pricing  Get Quote

Remote password management: How to allow users to change expired passwords when outside the domain network and cannot log in to RDP?

Admins enable the Password Expiration Notification feature to remind users of impending password expiration option to ensure that users change passwords periodically. This can help prevent cybercriminals from gaining access to sensitive data, even if they have stolen user credentials. However, remote users' Active Directory passwords expire because:

  1. They connect to their corporate network via VPN using cached credentials or initiate only a remote connection (RDP), and are not prompted to change their password.
  2. They use Outlook Web Access (OWA) and never log on interactively to see Windows notifications in their taskbar.

As a result, users are forced to call the help desk team for assistance. This is not an optimal solution as it increases the number of help desk calls and reduces employee productivity.


ADSelfService to the rescue: Send password expiration notifications and enable remote password change from a web-browser

ADSelfService Plus' Password Expiration Notifier alerts users about their impending Active Directory password expiration via SMS, email, or push reminders. Harder to ignore than the bubble messages from the task bar, SMS or email password reminders encourage users to change their soon-to-expire passwords immediately from a secure web-portal: ADSelfService Plus end user portal.

Configuration of Password Expiry Notification
Password expiry email notification
Password expiry notification mobile app

ADSelfService Plus supports sending multiple reminders at specified intervals to have your users proactively change their passwords before they expire. Admins can also send customized password expiration messages to different sets of users based on their OU and group membership.

How to configure password expiration notification in ADSelfService Plus?

  1. Go to Configuration > Password Expiration Notification > Add new notification.
  2. Select the domain, notification type, notification medium, and enter the scheduler name.
  3. Configure the notification frequency. For instance, admins can choose to send a password expiration alert seven days before the password expires; then send a second reminder five days before expiration; a third, three days before expiration; and a fourth and final reminder a day before the password expires.
  4. Click Save.

Active Directory user password expired: What now?

If users don't change their passwords despite receiving the notifications, ADSelfService Plus empowers them to change their Active Directory password from any web-browser, from anywhere, at any time. This means, ADSelfService Plus also remotely updates the cached password stored in users' machines.


How to enable Password Change in ADSelfservice Plus?

  1. Go to Configuration > Self-Service > Policy Configuration.
  2. Select Change Password.


  3. Click Select OUs/Groups to granularly select which set of users need to be allowed to change their passwords.

Other notable highlights of Password Expiration Notifier:

  1. Account expiration notifier: Notify Active Directory users about their impending account expiration.
  2. Compliance: Helps comply with PCI DSS and HIPAA regulations.
  3. Advanced reports: An overall summary of all the notifications sent to users will be emailed to your admins and managers to identify potential problems and resolve any issue before they arise.

Request for Support

Need further assistance? Fill this form, and we'll contact you rightaway.

  • Name
  • Business Email *
  • Phone *
  • Problem Description *
  • Country
  • By clicking 'Submit' you agree to processing of personal data according to the Privacy Policy.

Password self-service

Free Active Directory users from attending lengthy help desk calls by allowing them to self-service their password resets/ account unlock tasks. Hassle-free password change for Active Directory users with ADSelfService Plus ‘Change Password’ console. 

One identity with Single sign-on

Get seamless one-click access to 100+ cloud applications. With enterprise single sign-on, users can access all their cloud applications with their Active Directory credentials. Thanks to ADSelfService Plus! 

Password/Account Expiry Notification

Intimate Active Directory users of their impending password/account expiry by mailing them these password/account expiry notifications.

Password Synchronizer

Synchronize Windows Active Directory user password/account changes across multiple systems, automatically, including Office 365, G Suite, IBM iSeries and more. 

Password Policy Enforcer

Ensure strong user passwords that resist various hacking threats with ADSelfService Plus by enforcing Active Directory users to adhere to compliant passwords via displaying password complexity requirements.

Directory Self-UpdateCorporate Search

Portal that lets Active Directory users update their latest information and a quick search facility to scout for information about peers by using search keys, like contact number, of the personality being searched.

ADSelfService Plus trusted by

Embark on a journey towards identity security and Zero Trust