Solved

Domain user can't change password from their PC, don't have old password

Posted on 2010-11-30
6
1,008 Views
Last Modified: 2012-05-10
I have a user who is joined to the domain and connected over a VPN connection. Their domain password has been changed and now their computer wants the new password. The problem is that the user does not know the old password.

So there are two problems/questions.

1. Can I find out what the old password was so I can update the desktop
2. When I update the desktop will it update the cached login information so she can log into the domain with the updated password?
0
Comment
Question by:ThorinO
6 Comments
 
LVL 7

Expert Comment

by:TheBDP
ID: 34241747
Can you set VPN to launch before windows? If so this would resolve this issue. If not can you RDP to the machine?
0
 
LVL 7

Expert Comment

by:Sappbrosts
ID: 34241766
is the desktop locked with the old password?  Was the user signed into the desktop when the domain password was changed?

If this is the case, just need to restart the PC and the user should be able to login with the new credentials
0
 
LVL 10

Author Comment

by:ThorinO
ID: 34241781
It is using the Windows based VPN client, I don't know if it can connect before logging in.

The user can log in with the old cached password, however it doesn't take that as the old one when trying to change the password.
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 
LVL 10

Expert Comment

by:lobo797
ID: 34241815
You will not be able to find out the old password, but you can reset the password in Active Directory by 'right clicking' the user account and resetting the password.  

If the login screen is asking for an old password, then a new, go into the AD account by 'right clicking' the user and choosing properties.  On the account tab, unclick the item 'User must change password' and click item 'Password never expires'.  Reset the password to a temp one, log in, then back out.  In AD reverse the process and now the user will know the old password and can change to one they like.

All the best..
0
 
LVL 7

Accepted Solution

by:
TheBDP earned 500 total points
ID: 34241823
Sorry I'm a little lost, can the user login and operate the PC at all, or is it forcing them to change their password as soon as they login even if they hit cancel? Set the password in AD to the same password as the users old password if you're able to get them onto the VPN. Have them lock the PC and then unlock with the same password while connected to the VPN.
0
 
LVL 66

Expert Comment

by:johnb6767
ID: 34243473
Log in with the cached password....
Navigate to C:\Window\system32\cmd.exe
Rt Click it>Run As... (might need to hold SHIFT+Click RunAs...
Select the user "Domain\Username"
Password is "NewPassword"

This will cache the new credentials on the machine, allowing access via the cached profile with the CURRENT password. No need for the old one.

This is all assuming that the cached profile fully works, and the connection to the VPN works.

Also, sometimes locking the screen while connected to VPN, and entering the new/current credentials will also work. Windows usually tells you it needs the new credentials, and to lock/unlock the workstation....
0

Featured Post

Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Learn about cloud computing and its benefits for small business owners.
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now