Possible problem with AD2003 replication
Posted on 2010-09-15
I hate when while solving one problem, you run into another but I was having an issue with a user being constantly being locked out. I employed a Microsoft tool called LockOutStatus which helped me solve that problem but may have uncovered another...
I have 3 Windows 2003 AD controllers and the LockOutStatus tool shows the bad password count on all three. For this particular user, the were all different. AD1 showed 7 bad passwords while AD2 showed 4 and AD3 showed 0. This lack of consistency bothers me with respect to replication.
The "Additional Account Info" tab in UAC shows 4 so it's reading from AD2 but is this normal or show all of these match?
How can I tell if I actually do have a replication problem?