Starting with version 3.0, Enzoic for Active Directory includes an optional Windows client application that can be deployed to domain-joined Windows workstations in your organization to provide users with better feedback and assistance when selecting a new password. The Windows client application augments the built-in Windows password change screen by adding text to indicate what your password requirements are and in the case of a rejected password change, additional details as to the reasons. For example, if a user’s password is rejected due to being a known compromised password, they will be informed of this fact and asked to select a different password.
NOTE: If you are running a 3rd party credential provider on your Windows workstations (to support multi-factor or biometric authentication, for example) the Enzoic Client will typically NOT work. These types of credential providers generally must make themselves the default and disable other credential providers on the system.
The installer is available as an MSI to ease deployment via GPO. Microsoft .NET Framework 4.5 is required.
Links to download the most current version (Domain Controllers must all run the same version):
https://cdn.enzoic.com/files/EnzoicForADClient_3.0.378.0.msi (MD5: 41112b102564bb359f85c1aabb883b66)
Read the current release notes.
You can use GPO push installs to easily install the Enzoic for Active Directory Client to multiple user workstations. Note that the Enzoic Client requires .NET Framework 4.5, which does not get installed automatically when running the MSI installer.
Create a distribution point:
Create a Group Policy Object:
Prepare the Group Policy Object:
Complete the Installation:
Windows will now install the Enzoic for Active Directory Client on the targeted systems the next time they are restarted.
If the client is failing to deploy via GPO, check the following:
Does the GPO apply to the affected system?
Check the Scope tab on the GPO in the Group Policy Management Console to ensure the affected workstation(s) are covered by the GPO.
Have the affected workstation(s) been restarted?
In some cases it may take two reboot cycles before the GPO gets deployed.
Is the distribution point share and MSI accessible by the affected system(s)?
Check that they can access the share and MSI.
Do the affected system(s) have at least .NET Framework 4.5 installed?
The MSI will not handle installing this, so you will need to ensure that all target systems have at least .NET Framework 4.5 before pushing the Enzoic Client.
Check the Event Log on the affected system for GPO or install failures occurring after the reboot.
If the installer is failing, there should be some indication here.