[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

User keeps being prompted to change their password

Posted on 2004-08-03
22
Medium Priority
?
601 Views
Last Modified: 2010-03-18
I'm running a Windows 2000 Domain, with Windows 2000 Professional Clients.  I have one user that is prompted constantly to change his password (like every 4 days).  This goes against all the effective policies that are set at all levels.  I've also updated the machine and have reset his password, and have double checked the policy settings.  I can't find the issue.  Please help!
0
Comment
Question by:jigitty
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 6
  • 5
  • +3
22 Comments
 
LVL 15

Assisted Solution

by:adamdrayer
adamdrayer earned 300 total points
ID: 11709304
In Active Directory User and Computers, Right-Click the users name and select properties.  On one of those tabs, is the option to force user to change password every so often.
0
 

Author Comment

by:jigitty
ID: 11709513
adamdrayer,

I have checked all the Active Directory Options regarding passwords.  All of those options were unchecked and the user's password is not set to expire at a certain time.  Thanks for the help.  Any other advice would be greatly appreciated.
0
 
LVL 4

Assisted Solution

by:james_in_hardware
james_in_hardware earned 300 total points
ID: 11709662
So I am guessing you are managing the users thru AD and not as a stand alone correct?
0
Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

 
LVL 11

Expert Comment

by:Eric
ID: 11709686
Do a GPresult to see if a GPO is overriding the user setting.
Or download tha tnew GP managment tool for XP
0
 
LVL 15

Expert Comment

by:adamdrayer
ID: 11709815
>>All of those options were unchecked

just making doubly sure...  password never expires should BE checked maybe?

0
 
LVL 4

Expert Comment

by:james_in_hardware
ID: 11709844
Yes.........unless you want to set them up to require a password change every certain number of days for secuirty reasons.
0
 

Author Comment

by:jigitty
ID: 11710304
james in hardware is correct....we have it set so that the user must change their password every 45 days, however, for this user.... he changes it, and its telling him he needs to reset his password in 4 days AGAIN, and I don't understand why its doing that.....thanks for your help guys I really appreciate it, keep the ideas coming please!

P.S. we are managing users through AD, sorry i guess i didn't make that clear.

I'm thinking it HAS to be a policy but the only policy we have set is at the domain.  there are no other policies.  and if i'm correct domain overrides local policies right?!?!
0
 
LVL 4

Expert Comment

by:james_in_hardware
ID: 11710449
Yes....domain policys override local polices..........is this user attached to any other groups that the others are not?
0
 
LVL 11

Expert Comment

by:Eric
ID: 11710493
Run this on the PC in question:
http://www.microsoft.com/windows2000/techinfo/reskit/tools/existing/gpresult-o.asp

post the result.  Do verbose, not very verbose.
at a command line do the gpresult /? to see command line switches.
0
 
LVL 4

Expert Comment

by:james_in_hardware
ID: 11710498
We could delete the user and recreate him since it probally will not be a big deal thru Active directory and then that will set him to only defaults and then add him to the nec. groups........that will enable us to make sure he has no added policys on his user account.
0
 
LVL 11

Assisted Solution

by:kabaam
kabaam earned 300 total points
ID: 11710552
Just a thought.  AD should remember when the last time the user changed the password. Try changing the password on the server and see if the results are the same.
Is this user changing their password on the same computer each time?
Are any other users using the same computer to do so?
Does this user have a local account on the computer or just the domain account?
0
 
LVL 4

Expert Comment

by:james_in_hardware
ID: 11710578
You shouldnt be able to setup a password reset policy by a certain number of days on a local machine if I am not mistaken.
0
 
LVL 23

Assisted Solution

by:Tim Holman
Tim Holman earned 300 total points
ID: 11714381
I would reset the local machine and possibly the user policy, then reapply the domain policy.  Group policies SHOULD override local policies, but if there has been misconfiguration in the past, then they won't always work properly.
0
 
LVL 11

Expert Comment

by:Eric
ID: 11715749
check whish DC the client is logging into also.  Verify the policy is being replicated to that heap.  Duno why it would only be one PC though unless you setup a perfered server policy of some sort.
0
 

Author Comment

by:jigitty
ID: 11716443
The only policy set is at the domain root.  The OU's have no policies.  Today I'm going to check his policies again, then reset the machine on Active Directory.  Last resort would be to delete the account and recreate it, because then I'll have to reset all his permissions to network drives.  I'll let everyone know what happens.
0
 
LVL 11

Expert Comment

by:Eric
ID: 11716590
Try the gpresult before doing this..  I had a simular problem.. and fixed it by something I found this way.  Plus you will feel better if you know why its happening vs. blowing out an account and no knowing.  (which you still may have to do, but should be a last resort.)

do the output to a text file   command > gpo_username.txt            ( "> filename"  sends out put of any command line to a file instead of screen)

post the results

0
 

Author Comment

by:jigitty
ID: 11763779
Sorry it has been so long everyone, I've been waiting on the user to report back to me.  I reset his machine on the domain.  Also, from the gpresult, he's was only getting local and default domain policy (set at the root of the domain, and overrides the local policy).  So far after wiping the machine from the domain, everything seems to be ok.  It may be a while before I can give out the points because I need to make sure this is working.  But if you have any other suggestions please let me know.
0
 

Author Comment

by:jigitty
ID: 12005763
Hello again,

Well the user reported back to me, and the problem still exists.  I reset his computer on the Domain, and I reset his password.  He didn't have to reset it at all for the correct amount of time. After the time period he was prompted to change it and now its prompting to change his password every 4 days.

HELP!!!!!!! PLEASE!
0
 
LVL 11

Accepted Solution

by:
Eric earned 300 total points
ID: 12008129
does he have the same problem on a different machine?
could be a corupt profile
0
 

Author Comment

by:jigitty
ID: 12163702
Update...like 2 weeks ago I gave the user another logon.  I have him logon at least once a day.  We'll see if this user does the same thing.  I haven't forgotten about this, just still testing everything.
0
 
LVL 11

Expert Comment

by:Eric
ID: 12163807
I know how that goes ;)

I have a few Q's doing the same thing... it can take time depending what it is.

G-luck
0
 

Author Comment

by:jigitty
ID: 12436678
Well I haven't forgotten about this....i talked to the user today, and he said it magically stopped.  HOWEVER, another user came to me today and had the same exact problem. Go figure! So i'm at a loss!  I apologize for the length of time its been.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes you might need to configure routing based not only on destination IP address, but also on a combination of destination IP address (or hostname) and destination port number. I will describe a method how to accomplish this with free tools. …
Are you one of those front-line IT Service Desk staff fielding calls, replying to emails, all-the-while working to resolve end-user technological nightmares? I am! That's why I have put together this brief overview of tools and techniques I use in o…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
In response to a need for security and privacy, and to continue fostering an environment members can turn to for support, solutions, and education, Experts Exchange has created anonymous question capabilities. This new feature is available to our Pr…

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question