Solved

Query on changing password in AD

Posted on 2009-03-29
1
199 Views
Last Modified: 2012-05-06
Hi Guys

I have something that is stumping me...

If I change my password within AD (we are running at 2003 functional level)...is this change made on the DC I am connect to (as can be seen using the SET command on the local PC), or the PDC Emulator?

I am just trying to get my head around what the PDC Emulator actually does? I thought all DC's in a domain were equal to others?

Cheers!
0
Comment
Question by:kam_uk
1 Comment
 
LVL 27

Accepted Solution

by:
bluntTony earned 250 total points
ID: 24013035
The password change will be made on the domain controller you are connected to. The change is then replicated around the domain as a
However, the PDC emulator gets preferential replication for password changes - it will be informed as soon as possible, regardless of it's location. Even if it's the other side of a site link, the change will replicate ASAP. The reason for this is -
When you log in, if the authenticating DC refuses your password, the request is then automatically referred to the PDC emulator (just in case your password has been recently changed). Only when the PDC emulator also refuses the password will your login attempt fail.
This link explains the three type of replication including password changes: http://blogs.technet.com/kenstcyr/archive/2008/07/05/understanding-urgent-replication.aspx
Hope this explains...
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Mapping Drives using Group policy preferences Are you still using old scripts to map your network drives if so this article will show you how to get away for old scripts and move toward Group Policy Preference for mapping them. First things f…
Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html?cid=Gene_Skyport) provided 218 attendees with a step-by-step guide for…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

822 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question