Solved

Invalid Password Issue AD

Posted on 2009-07-06
2
242 Views
Last Modified: 2012-05-07
Hello All,

We are having an unusual issue with Active Directory. Intermittently users are receiving an invalid password dialog when attempting to authenticate. I have verified that the users are not typing in the wrong password or any of the basic mistakes that are made. The accounts are not locked out when this occurs and all DC's and GC's are available when this issue occurs. There are no errors in the event log as it is clean mosting informational events and no warnings or errors. Any help would be appreciated.

Thank You~
0
Comment
Question by:ValleyENT
2 Comments
 
LVL 14

Accepted Solution

by:
Shabarinath Ramadasan earned 500 total points
Comment Utility
Check if all the DCs on the local site are well synced.
I suspect one of your DC is not properly synced and whenever a request goes to that DC, its showing invalid DC.

As its difficult to identify from the user end - to which DC the authentication request will be going, I prefer using repadmin or replmon to confirm that the replication is fine.

If you are able to get on account lockedout after multiple entries, you can identify from which server the lockout is initiated.

Hope this helps.

Cheerio
Shaba
0
 
LVL 4

Author Comment

by:ValleyENT
Comment Utility
I rad repadmin and this was the output:

CALLBACK MESSAGE: The following replication is in progress:
    From: 0211cd83-d075-4b5c-ad17-23f8b0ecb234._msdcs.VENT.local
    To  : 8a939b17-3f1e-42d7-8606-373585f8cafb._msdcs.VENT.local
CALLBACK MESSAGE: The following replication completed successfully:
    From: 0211cd83-d075-4b5c-ad17-23f8b0ecb234._msdcs.VENT.local
    To  : 8a939b17-3f1e-42d7-8606-373585f8cafb._msdcs.VENT.local
CALLBACK MESSAGE: SyncAll Finished.
SyncAll terminated with no errors.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

As network administrators; we know how hard it is to track user’s login/logout using security event log (BTW it is harder now in windows 2008 because user name is always “N/A” in the grid), and most of us either get 3rd party tools, or just make our…
Do you have users whose passwords are expiring and they are constantly calling you?  Well I sure did and needed a way to put an end to this.  We have a lot of remote users which would not be notified that their passwords were expiring since they wer…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now