Solved

Query on changing password in AD

Posted on 2009-03-29
1
198 Views
Last Modified: 2012-05-06
Hi Guys

I have something that is stumping me...

If I change my password within AD (we are running at 2003 functional level)...is this change made on the DC I am connect to (as can be seen using the SET command on the local PC), or the PDC Emulator?

I am just trying to get my head around what the PDC Emulator actually does? I thought all DC's in a domain were equal to others?

Cheers!
0
Comment
Question by:kam_uk
1 Comment
 
LVL 27

Accepted Solution

by:
bluntTony earned 250 total points
ID: 24013035
The password change will be made on the domain controller you are connected to. The change is then replicated around the domain as a
However, the PDC emulator gets preferential replication for password changes - it will be informed as soon as possible, regardless of it's location. Even if it's the other side of a site link, the change will replicate ASAP. The reason for this is -
When you log in, if the authenticating DC refuses your password, the request is then automatically referred to the PDC emulator (just in case your password has been recently changed). Only when the PDC emulator also refuses the password will your login attempt fail.
This link explains the three type of replication including password changes: http://blogs.technet.com/kenstcyr/archive/2008/07/05/understanding-urgent-replication.aspx
Hope this explains...
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I know all systems administrator at some time or another has had to create a script to copy file from a server share to a desktop. Well now there is an easy way to do this in Group Policy. Using Group policy preferences is not hard. The first thing …
Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now