Solved

gpudate /force  over PPTP

Posted on 2013-01-04
7
682 Views
Last Modified: 2013-01-07
I have several users that work from home but their systems were setup to be in our domain. When they change their password (via a 3rd party tool that updates our domain controller from a web interface) and then try to run a gpupdate /force it will not complete so their local machine doesn't know that the password as been changed.

I do understand that it has to do with the DNS not finding the domain controller. However, I am hoping there is a way to force this to process sucessfully through a batch file or something that they can run once the have the VPN connection active.

Has anyone else already came across this? How did you resolve it?
0
Comment
Question by:CCG3
  • 4
  • 2
7 Comments
 
LVL 17

Assisted Solution

by:Kent Dyer
Kent Dyer earned 200 total points
ID: 38744854
It sounds like your systems are not registered on the domain..  With that said, you cannot use login scripts, GPOs, etc.  I know with ours, we can change the password in the native system, OWA or in an RDP Session..  Really, it should be as simple as logging in, changing the password, locking the system and unlocking with a new password.

HTH,

Kent
0
 

Author Comment

by:CCG3
ID: 38744947
No these systems are registered on the domain I know this because when they were here we set them up in the domain. I am also testing this with a laptop that hits our domain all the time and I am trying to run the GPUpdate /Force over the VPN and getting the error the same error that the remote users are getting.

Error:
Updating Policy...
User policy could not be updated successfully. The following errors were encountered:
The processing of Group Policy failed. Windows attempted to read the file \\MYDomain.com\SysVol\MYDomain.com\Policies\{D860D7F2-25D7-47E6-B79B-5C9846350F39}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and
could be caused by one or more of the following:
a) Name Resolution/Network Connectivity to the current domain controller.
b) File Replication Service Latency (a file created on another domain controlle
 has not replicated to the current domain controller).
c) The Distributed File System (DFS) client has been disabled.
Computer Policy update has completed successfully.
0
 
LVL 22

Accepted Solution

by:
yo_bee earned 300 total points
ID: 38746191
Are you looking to just sync the domain cached credentials on the out of office machince with the updated domain credentials?

If so this very easy.  

1: Log on to the local machine with the credentials that are cached
2: Start your VPN and make sure they can see the system (try browsing for a network folder)
3: Lock the computer by pressing Ctrl + Alt + Del > Lock Workstation
4: Unlock the computer by press Ctrl + Alt + Del > enter in the new password that is regeistered with the Domain.
The should sync the cahced credentials on the machine.
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 

Author Comment

by:CCG3
ID: 38751416
Thanks yo_bee, I thought the same thing but he says he gets an error when he does that. I will reset his password and get him to do that again and then give me the exact error he gets.
0
 

Author Comment

by:CCG3
ID: 38752471
ok when he does this he is getting the error:
Configuration information could not be read from the domain controller, either because the machine is unavailable, or access has been denied.
0
 

Author Comment

by:CCG3
ID: 38752531
It was a DNS issue. I had him manually enter in the DNS for our network and he was able to change his password.
0
 
LVL 22

Expert Comment

by:yo_bee
ID: 38752545
Nice.
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A quick guide on how to use Group Policy to create a custom power plan and set it active on Windows 7.
This script can help you clean up your user profile database by comparing profiles to Active Directory users in a particular OU, and removing the profiles that don't match.
This Micro Tutorial will teach you how to the overview of Microsoft Security Essentials. This is a free anti-virus software that guards your PC against viruses, spyware, worms, and other malicious software. This will be demonstrated using Windows…
The viewer will learn how to successfully download and install the SARDU utility on Windows 7, without downloading adware.

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question