We are running Windows 2003 Active Directory in my domain - contoso.com. We have two AD sites - HQ and Branch1.
An IT user in Branch1 recv's a notification that their password needs to changed: "Your password will expire in 7 days" when he logs onto CL1 (Windows XP) in Branch1. So he connects onto the Branch1 DC and changes his password via ADUC. Note: he has not logged off CL1 - he connects to Branch1 DC using the CL1 session.
He then goes to lunch for half and hour and comes back. When he unlocks his machine, he gets a notification that "YOur will password will expire in 7 days".
The replication interval between Branch1 and HQ is 1 hour. All the FSMO roles are held on HQ DC's.
Can anyone explain this?