Today I encountered a very strange issue with EEPC (5.1.8, XP SP3) and would like to know what you think the problem might be.
1) User forgot his password and locked it out while he was working in Windows
2) I've created a new token for him (from within management tool) using default EE password and forced sync with his laptop
3) rebooted his machine and logged in pre-boot with default 12345
After that, the passwords should not match and SSO shouldn't work, but he was successfully logged into Windows and was able to browse the network, use Outlook etc.
So my question is: how is it possible that he was able to log on to Windows with the 12345 password? Even after another reboot it worked that way ... until I checked "User must change password at next logon" in the AD MMC snap-in.
This has been talked about in a few different threads with many points of view - but the end result is that EEPC does not "forget" your SSO details just because you reset the EEPC password. The user will now know their new EEPC password, and EEPC will know their Windows password.
This makes it a huge pain for non-IT users who don't realize that their "login password" isn't their "AD/Netware/whatever" password and they try and use it to access network resources such as OWA, or things that rely on their AD password.