Invalid Password Issue AD

Posted on 2009-07-06
Medium Priority
Last Modified: 2012-05-07
Hello All,

We are having an unusual issue with Active Directory. Intermittently users are receiving an invalid password dialog when attempting to authenticate. I have verified that the users are not typing in the wrong password or any of the basic mistakes that are made. The accounts are not locked out when this occurs and all DC's and GC's are available when this issue occurs. There are no errors in the event log as it is clean mosting informational events and no warnings or errors. Any help would be appreciated.

Thank You~
Question by:ValleyENT
LVL 14

Accepted Solution

Shabarinath Ramadasan earned 1500 total points
ID: 24786673
Check if all the DCs on the local site are well synced.
I suspect one of your DC is not properly synced and whenever a request goes to that DC, its showing invalid DC.

As its difficult to identify from the user end - to which DC the authentication request will be going, I prefer using repadmin or replmon to confirm that the replication is fine.

If you are able to get on account lockedout after multiple entries, you can identify from which server the lockout is initiated.

Hope this helps.


Author Comment

ID: 24786811
I rad repadmin and this was the output:

CALLBACK MESSAGE: The following replication is in progress:
    From: 0211cd83-d075-4b5c-ad17-23f8b0ecb234._msdcs.VENT.local
    To  : 8a939b17-3f1e-42d7-8606-373585f8cafb._msdcs.VENT.local
CALLBACK MESSAGE: The following replication completed successfully:
    From: 0211cd83-d075-4b5c-ad17-23f8b0ecb234._msdcs.VENT.local
    To  : 8a939b17-3f1e-42d7-8606-373585f8cafb._msdcs.VENT.local
SyncAll terminated with no errors.

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Microsoft Office 365 is a subscriptions based service which includes services like Exchange Online and Skype for business Online. These services integrate with Microsoft's online version of Active Directory called Azure Active Directory.
High user turnover can cause old/redundant user data to consume valuable space. UserResourceCleanup was developed to address this by automatically deleting user folders when the user account is deleted.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question