We just finished migrating 4 companies with 4 different domains (NT & 2000) into one single windows 2003 domain.
everything, so far, seems to be working fine except when it comes to forcing a user to change a password at next logon.
When I select this option on the server, a user can still login into windows using his/her old password. However, when he tries to access a network share on the server, the system prompts him that his password needs to be changed before he can access the share. The user then logs out of windows and when he logs back in, he gets prompted to change his/her password. its like the active directory does not sense that a user's password needs to be changed untill an attempt to access a network share is made! very odd.
the setup is 2x server 2003 domain controllers with one of them running exchange 2003. Both are DNS servers and one is a DHCP server. About 70 users running a mix of windows 2000 and XP. DNS seems to be working fine on the network (nslookup is happy).
any ideas or questions?
thanks for any help in advance.