Query on password changes in an AD environment
Posted on 2010-01-05
I had some queries on password changes in an AD environment I was hoping someone could help me with.
We are running AD 2003 in our domain. Let's say we have three AD sites; London, Paris, Munich.
Each AD site has two DC's, apart from London which has three. LON-DC3 is the PDC Emulator.
The replication interval between London and Munich is set to 180 minutes.
QUESTION 1: Let's say that someone makes a password change on MUNICH-DC1. Is this change replicated to the PDC Emulator immediately? Or will it be replicated at the next replication cycle (so up to 180 minutes)?
QUESTION 2: Let's say that User1's account is locked out, and has been for about 5 days. On MUNICH-DC1, the account is unlocked. The user then tries to log onto a client machine in Munich. Assuming AD SItes and Services is set correctly with all Munich IP addresses pointing to the Munich site, would he be able to log on, or would he need to change for the password change to be replicated to the PDC Emulator?