Off-line reset and timestamp

Hi.

When a user performs an off-line password reset and a couple of days later the user connects the computer to the domain - what timestamp will be used for the password change?

 

Kind regards,

Ingvar 

Parents
  • My impression was for *Offline password reset* steps:
    1. internet. user logins to http://PM/PMUser | chose option 'Offline password reset' | answers Q/A | resets new password (call to AD/pwdLastSet timestamp set) and gets issued rabdomaly generated PC token=F(PC$ client ID).
    2. PC$ offline. user logins into PC$: Windows Logon Screen | Option PM Offline Reset | input (PC token + new password): user logs into PC$ and password hash is rest to the new one
    3. PC$ in corp network (VPN, or in the office): user logs in with AD authentication, triggers PC$ local password hash to be reset and synced.
    Again (1) will do the pwdLastSet.
Reply
  • My impression was for *Offline password reset* steps:
    1. internet. user logins to http://PM/PMUser | chose option 'Offline password reset' | answers Q/A | resets new password (call to AD/pwdLastSet timestamp set) and gets issued rabdomaly generated PC token=F(PC$ client ID).
    2. PC$ offline. user logins into PC$: Windows Logon Screen | Option PM Offline Reset | input (PC token + new password): user logs into PC$ and password hash is rest to the new one
    3. PC$ in corp network (VPN, or in the office): user logs in with AD authentication, triggers PC$ local password hash to be reset and synced.
    Again (1) will do the pwdLastSet.
Children
No Data