Solved

gpudate /force  over PPTP

Posted on 2013-01-04
7
683 Views
Last Modified: 2013-01-07
I have several users that work from home but their systems were setup to be in our domain. When they change their password (via a 3rd party tool that updates our domain controller from a web interface) and then try to run a gpupdate /force it will not complete so their local machine doesn't know that the password as been changed.

I do understand that it has to do with the DNS not finding the domain controller. However, I am hoping there is a way to force this to process sucessfully through a batch file or something that they can run once the have the VPN connection active.

Has anyone else already came across this? How did you resolve it?
0
Comment
Question by:CCG3
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
7 Comments
 
LVL 17

Assisted Solution

by:Kent Dyer
Kent Dyer earned 200 total points
ID: 38744854
It sounds like your systems are not registered on the domain..  With that said, you cannot use login scripts, GPOs, etc.  I know with ours, we can change the password in the native system, OWA or in an RDP Session..  Really, it should be as simple as logging in, changing the password, locking the system and unlocking with a new password.

HTH,

Kent
0
 

Author Comment

by:CCG3
ID: 38744947
No these systems are registered on the domain I know this because when they were here we set them up in the domain. I am also testing this with a laptop that hits our domain all the time and I am trying to run the GPUpdate /Force over the VPN and getting the error the same error that the remote users are getting.

Error:
Updating Policy...
User policy could not be updated successfully. The following errors were encountered:
The processing of Group Policy failed. Windows attempted to read the file \\MYDomain.com\SysVol\MYDomain.com\Policies\{D860D7F2-25D7-47E6-B79B-5C9846350F39}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and
could be caused by one or more of the following:
a) Name Resolution/Network Connectivity to the current domain controller.
b) File Replication Service Latency (a file created on another domain controlle
 has not replicated to the current domain controller).
c) The Distributed File System (DFS) client has been disabled.
Computer Policy update has completed successfully.
0
 
LVL 22

Accepted Solution

by:
yo_bee earned 300 total points
ID: 38746191
Are you looking to just sync the domain cached credentials on the out of office machince with the updated domain credentials?

If so this very easy.  

1: Log on to the local machine with the credentials that are cached
2: Start your VPN and make sure they can see the system (try browsing for a network folder)
3: Lock the computer by pressing Ctrl + Alt + Del > Lock Workstation
4: Unlock the computer by press Ctrl + Alt + Del > enter in the new password that is regeistered with the Domain.
The should sync the cahced credentials on the machine.
0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 

Author Comment

by:CCG3
ID: 38751416
Thanks yo_bee, I thought the same thing but he says he gets an error when he does that. I will reset his password and get him to do that again and then give me the exact error he gets.
0
 

Author Comment

by:CCG3
ID: 38752471
ok when he does this he is getting the error:
Configuration information could not be read from the domain controller, either because the machine is unavailable, or access has been denied.
0
 

Author Comment

by:CCG3
ID: 38752531
It was a DNS issue. I had him manually enter in the DNS for our network and he was able to change his password.
0
 
LVL 22

Expert Comment

by:yo_bee
ID: 38752545
Nice.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This Micro Tutorial will give you a basic overview of Windows DVD Burner through its features and interface. This will be demonstrated using Windows 7 operating system.

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question