Hey folks,

The issue we currently have in our organization is that when a user changes their password on their workstation as it has expired after x number of days, if they forget to update their password on their iOS (even Android device for that matter but we don't allow these), then these iOS devices constantly try and access the exchange email and Wifi (RADIUS server uses AD authentication as well for WiFi) with their old password and this setup locks their AD account after 3 failed login attempt. It's a total PITA as users only have about 15 ~ 20 minute windows to update their passwords on their iOS devices before their AD account will get locked out. A lot of users either forget to update their passwords or forget devices at home sometimes and help-desk gets a lot of calls every month just dealing with this issue.

The current workaround for now is MDM solution by Airwatch where the iOS device enrolled into Airwatch at least does not locks user's AD account if they forget to update their password. There are some WiFi profile issues we have now with AirWatch on top of that due to the RADIUS server authentication. Email profile works fine.

Any solution out there where changing password on a workstation will not lock and still get these iOS devices to have the email and WiFi communication flowing without updating the password on the device itself?

This seems to be a very common issue across other enterprises as well.