This article is designed to explain how Quickpass assists with updating cached credentials on a domain-joined workstation after a password reset. This will improve the chances of a successful login for end users who are unable to connect to the Active Directory environment.
- Have an active Quickpass account.
- Have the Quickpass Agent installed on your AD Server (Domain Controller) and AD Workstation (Workstation joined to Traditional AD)
The end-user account is imported into the Quickpass dashboard.
The end-user computer has an active connection back to the domain controller either by:
- A. Physically being on the work network containing the Domain Controller.
- B. Or by having a software/hardware VPN network that gives them a network connection back to the Domain Controller.
- The end-user has logged into the workstation after the installation of the Quickpass agent and the workstation is detected for the AD account
Supported servers and workstations will be listed in the section "Supported Servers and Workstations" of this article.
When an end user's password is changed (via the self-service website, mobile app, QuickPass dashboard, or PSA integration), QuickPass will initiate an attempt to update the cached credentials on the end user's workstation. This will allow the end user to log in to their workstation using the new password without interruption.
- Navigate to Customer > Your relevant Company > End-User Accounts.
- Use the "Computer Name" column on the list view to observe the latest AD Workstation detected for the user. This is the workstation where Quickpass will attempt the cache credentials update.
- Action a password reset via any of these methods explained earlier in this document
- Quickpass will automatically try to update the cache on the AD workstation. Refresh the "End-User Accounts" page and observe the status icon located in the "Cached Credentials Status" column.
- If you see a green checkmark appear for your account entry, then Quickpass was able to successfully update the cached credentials. The end user will now be able to use the new password even if they leave the contact of the AD network.
How retrying for a failed cached credential works
The QuickPass desktop agent will initiate an attempt to update the cached credentials within 14 days of a password update. If 14 days pass without a successful connection and update, a logged event called "Cached Credentials Update Failed" will be generated.
Please be advised, if the workstation agent comes back online after the 14-day period, no additional attempts to update the cached credentials will be made.
The Quickpass Validation Service Service
The Quickpass agent installed on the AD workstations will contain a specific service called the “Quickpass Validation Service". This service will be used to update the cached credentials on the local machine.
- Name: Quickpass Validation Service
- Description: This service is used to automatically validate and refresh cached credentials upon an AD account password update.
List of Cached Credentials Status
Here is a list of all available statuses you may see with this feature.
Indicates the account has been signed into an AD workstation machine successfully.
This can also indicate the Quickpass desktop application was able to update the cached credentials.
|Waiting for Connection
Quickpass is attempting to update the local credentials of an AD workstation. A local cache update is in progress or is retrying.
|Agent is not installed
Indicates the account has not signed into any AD workstation machine that has the Quickpass agent.
Supported Servers and Workstations
Server Agents (Agent Roles: AD Server, AD Member)
Workstation Agents (Agent Roles: AD Workstation)
If you are experiencing difficulties with having the desktop agent update the local cache, you may want to check to see if your endpoint protection tools are preventing the Quickpass Validation Service from running.
Article is closed for comments.