zackinma
asked on
Password Problem in Active Directory
Hi
I am having a problem with active directory and passwords. I am running 3 servers in a windows 2003 domain. All servers are 2003 server standard and 2 are domain controllers.
my problem is this. when a user's password expires they have to change it, which they do with no trouble. but from that point forward they are prompted for user id and password to access network resources. when they open outlook to check e-mail with exchange, they get prompted for their password, when they enter their NEW password it works ok. Also their home folders do not get mapped at logon, and they get a message at log off that their roaming profile can not be saved.
if you attempt to access server resources using UNC via \\servername you get prompted for a password, once entered you can access resources.
Active Directory is supposed to provide a single point of logon, and i have not had any problems in the past with users and passwords which have been changed in the past.
i have rebooted all servers, and the PDC seems to be working fine. It passed tests using dcdiag and netdiag w/ no problem and there is nothing in the event log.
Users who have not changed their passwords continue to have no problems until they do change their passwords. once they do change passwords, the problem affects them also, so they lost mapped drives, and have to neter password to check their domain e-mail w/ outlook/exhcange.
It would seem to me that maybe their old password is cached somewhere on the domain controller and isn't being updated, so it's throwing a authentication box. I have tried logging on affected users from different workstations that they never used where domain credentials aren't cached and the same problem is there.
as more users change passwords when they expire more are being affected so i am in search of a solution and any help is much appreciated.
I am having a problem with active directory and passwords. I am running 3 servers in a windows 2003 domain. All servers are 2003 server standard and 2 are domain controllers.
my problem is this. when a user's password expires they have to change it, which they do with no trouble. but from that point forward they are prompted for user id and password to access network resources. when they open outlook to check e-mail with exchange, they get prompted for their password, when they enter their NEW password it works ok. Also their home folders do not get mapped at logon, and they get a message at log off that their roaming profile can not be saved.
if you attempt to access server resources using UNC via \\servername you get prompted for a password, once entered you can access resources.
Active Directory is supposed to provide a single point of logon, and i have not had any problems in the past with users and passwords which have been changed in the past.
i have rebooted all servers, and the PDC seems to be working fine. It passed tests using dcdiag and netdiag w/ no problem and there is nothing in the event log.
Users who have not changed their passwords continue to have no problems until they do change their passwords. once they do change passwords, the problem affects them also, so they lost mapped drives, and have to neter password to check their domain e-mail w/ outlook/exhcange.
It would seem to me that maybe their old password is cached somewhere on the domain controller and isn't being updated, so it's throwing a authentication box. I have tried logging on affected users from different workstations that they never used where domain credentials aren't cached and the same problem is there.
as more users change passwords when they expire more are being affected so i am in search of a solution and any help is much appreciated.
Kevin Hays
Sounds like the two DC's are not fully replicated at this point. Just need to make sure replication occurs and both are replicated with one another.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.