If you have like 40,000 students, I do not think that is a good workaround. That can work if you have a small school or have teachers connected to the DCs all the time. If that doesn't apply to your situation, contact Google's support to see if there is another way to accomplish what you're after. Our teachers can change their domain pw when they're on our network and then that change will get pushed to Google via -Suite Password Sync. We have our AD configured so that students can not change their pw. When students try to change their pw they are directed to a webpage that tells them to contact their school's helpdesk. We use G-Suite Password Sync to push our passwords from our AD to Google and have "non-admin password recovery" turned OFF. Sadly there is no way to stop people from changing their passwords. User login to email, change password (eg 123456) **this is OPs question** Scenario 2.Domain User with G-suite Email Account When user change Domain PW to 987654, GSPS will sync 987654 as the email password. At this point, Domain PW is abcde while email PW is 123456. User login to email, will be prompted to change password (eg 123456) Domain ID & password (eg abcdef) created, then G-suite Email Account is created (manually or with GCDS). Scenario 1.New Domain User with G-suite Email Account The password will only sync to DCs when Domain users change their Domain password. G Suite Password Sync still allows people to change their G-suite passwords online. That might be something you could use to accomplish what you want, just give it a link that doesn't go anywhere. It's for syncing from AD to G Suite, but one step sets it so a password change attempt is directed to doing so in AD instead.
0 kommentar(er)
