A remote user had forgotten their password, so they phoned our Service Desk to get it reset. The user did not have a direct connection to the domain so their cached credentials were still holding the forgoten password preventing the user logging on.
The below is what I did to resolve the issue, it relied upon having a local account or someone elees pre cached credentials the user could log on with.
- As part of my laptop builds I create a local standard user which comes in usful in situtauions like this, I gave the user the details for this recovery user and got them to log on.
- I got them to VPN in using their Cisco Anyconnect Client
- I could now remotly connect to the laptops
- Under Contol Panel => System => Remote settings I enabled Remote Desktop and added the user to the list of user that con connect.
- On my computer a ran MSTSC and connected to the computer.
- When prompted I entered the users new credentials.
- Windows clients only allow a single user to be logged on at a time, I received a couple of prompts informing me my local recovery user was going to be logged out.
- Once my RDP seesion had remotely logged in (updating the cached credentials with the new password) I logged out
- I then asked the user to logon with their new credentials and all was fine
- Finally I remotely connected to the computer and disabled remote dekstop.