Educause Security Discussion mailing list archives
Password change redirect limitations
From: Frank Barton <bartonf () HUSSON EDU>
Date: Tue, 6 Oct 2020 09:53:41 -0400
Hi Folks, I've just spent the last couple weeks going back and forth with Google Support, and our Higher Education Google person, and I figure I should let these groups know the result of this. Background: - We sync passwords from Active Directory to G-Suite using the Password Sync Tool on all Domain Controllers - We have the appropriate settings from https://support.google.com/a/answer/2611842 configured to "Prevent users from changing their Google passwords" (support has verified this) - users should be directed to our internal password change/reset page Problem: - When a Google account is flagged as "Require password change: On" the password change is NOT redirected, and process as a Google Password change Sub-Problem: - When an account is flagged by Google's automatic process for compromise (eg. "Leaked Password") the wording of the message states: "This Leaked password alert is to inform you that Google has suspended an account in your domain due to a potentially leaked password." but this isn't the case - the account isn't suspended - it is set as "Require password change" I am hoping that we can either get the behaviour changed - or get the documentation updated to reflect reality. Frank -- Frank Barton, MBA Security+, ACMT, MCP IT Systems Administrator Husson University PGP Key Fingerprint: 0249DC644EC78D2F6B5CD2C6C94D3EDB57946437 ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Current thread:
- Password change redirect limitations Frank Barton (Oct 06)
- Re: Password change redirect limitations Jones, Mark B (Oct 06)
- Re: Password change redirect limitations Rodolfo Nunez (Oct 08)
- Re: Password change redirect limitations Frank Barton (Oct 08)
- Re: Password change redirect limitations Rodolfo Nunez (Oct 08)
- Re: Password change redirect limitations Jones, Mark B (Oct 06)