Improve company productivity with a Business Account.Sign Up

x
?
Solved

User password not updating from DC to Terminal Server

Posted on 2014-01-28
9
Medium Priority
?
1,433 Views
Last Modified: 2014-04-30
I have a user that changed his AD password last week, but he is logging in to a Windows 2008 Terminal Server using his old password.  The DC is running on Windows 2012 Server.
How do I get the Terminal Server to update user credentials?
0
Comment
Question by:I812
  • 3
  • 2
  • 2
  • +1
8 Comments
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 39817008
This hotfix will most likely resolve the problem for you:
http://support.microsoft.com/kb/2845626

Jeff
TechSoEasy
0
 
LVL 22

Expert Comment

by:dan_blagut
ID: 39817009
Hello

If this is happening your TS can't "see" a domain controller for some time.
log on on the TS and do ping %logonserver% to have the name of current controller, then check the network connectivity to this controller.
In a perfect network where you declared all IP subnets on AD your TS should talk with the controller in the same site.
Dan
0
 

Author Comment

by:I812
ID: 39818286
pinged by logon, then by name
see below

ping %logonserver%
Ping request could not find host \\CYPRESS. Please check the name and try again.


ping cypress

Pinging cypress.pacaids.com [192.168.32.12] with 32 bytes of data:

Reply from 192.168.32.12: bytes=32 time<1ms TTL=128
Reply from 192.168.32.12: bytes=32 time<1ms TTL=128
Reply from 192.168.32.12: bytes=32 time<1ms TTL=128
Reply from 192.168.32.12: bytes=32 time<1ms TTL=128
0
Get 10% Off Your First Squarespace Website

Ready to showcase your work, publish content or promote your business online? With Squarespace’s award-winning templates and 24/7 customer service, getting started is simple. Head to Squarespace.com and use offer code ‘EXPERTS’ to get 10% off your first purchase.

 

Author Comment

by:I812
ID: 39818299
I was mistaken on the Version of Windows Server
The terminal Server is Windows Server 2003 (not 2008, like I had reported)
The hotfix recommended by Jeffrey was for 2008
0
 
LVL 22

Expert Comment

by:dan_blagut
ID: 39818323
one site only?
you can try to deactivate the firewall on the 2012 server? (dont stop the service, this is take as attack)

Dan
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 39819928
The reason you didn't get a response from ping %logonsever% is due to the cached credentials not being in sync.

There should be errors in your event log which will provide information about what is causing the problem. Please review that to see..

Jeff
0
 
LVL 25

Accepted Solution

by:
Tony Giangreco earned 1500 total points
ID: 39948729
If your still having this problem, add the Domain Controller's IP and computer name to the host file on the terminal server.  Verify the user is changing his Windows login password and not a password for something else.

Also, verify the terminal server is logged into the domain and not logged in on a local account.
0
 
LVL 22

Expert Comment

by:dan_blagut
ID: 40033318
Hello

If that's the correct solution you should check closely the DNS on the TS server / domain.

and maybe you will find more :(

Dan
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

High user turnover can cause old/redundant user data to consume valuable space. UserResourceCleanup was developed to address this by automatically deleting user folders when the user account is deleted.
It’s time for spooky stories and consuming way too much sugar, including the many treats we’ve whipped for you in the world of tech. Check it out!
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

606 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question