Solved

User password not updating from DC to Terminal Server

Posted on 2014-01-28
9
1,335 Views
Last Modified: 2014-04-30
I have a user that changed his AD password last week, but he is logging in to a Windows 2008 Terminal Server using his old password.  The DC is running on Windows 2012 Server.
How do I get the Terminal Server to update user credentials?
0
Comment
Question by:I812
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +1
9 Comments
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 39817008
This hotfix will most likely resolve the problem for you:
http://support.microsoft.com/kb/2845626

Jeff
TechSoEasy
0
 
LVL 22

Expert Comment

by:dan_blagut
ID: 39817009
Hello

If this is happening your TS can't "see" a domain controller for some time.
log on on the TS and do ping %logonserver% to have the name of current controller, then check the network connectivity to this controller.
In a perfect network where you declared all IP subnets on AD your TS should talk with the controller in the same site.
Dan
0
 

Author Comment

by:I812
ID: 39818286
pinged by logon, then by name
see below

ping %logonserver%
Ping request could not find host \\CYPRESS. Please check the name and try again.


ping cypress

Pinging cypress.pacaids.com [192.168.32.12] with 32 bytes of data:

Reply from 192.168.32.12: bytes=32 time<1ms TTL=128
Reply from 192.168.32.12: bytes=32 time<1ms TTL=128
Reply from 192.168.32.12: bytes=32 time<1ms TTL=128
Reply from 192.168.32.12: bytes=32 time<1ms TTL=128
0
Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

 

Author Comment

by:I812
ID: 39818299
I was mistaken on the Version of Windows Server
The terminal Server is Windows Server 2003 (not 2008, like I had reported)
The hotfix recommended by Jeffrey was for 2008
0
 
LVL 22

Expert Comment

by:dan_blagut
ID: 39818323
one site only?
you can try to deactivate the firewall on the 2012 server? (dont stop the service, this is take as attack)

Dan
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 39819928
The reason you didn't get a response from ping %logonsever% is due to the cached credentials not being in sync.

There should be errors in your event log which will provide information about what is causing the problem. Please review that to see..

Jeff
0
 
LVL 25

Accepted Solution

by:
Tony Giangreco earned 500 total points
ID: 39948729
If your still having this problem, add the Domain Controller's IP and computer name to the host file on the terminal server.  Verify the user is changing his Windows login password and not a password for something else.

Also, verify the terminal server is logged into the domain and not logged in on a local account.
0
 
LVL 22

Expert Comment

by:dan_blagut
ID: 40033318
Hello

If that's the correct solution you should check closely the DNS on the TS server / domain.

and maybe you will find more :(

Dan
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A hard and fast method for reducing Active Directory Administrators members.
I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
This tutorial will walk an individual through the process of installing of Data Protection Manager on a server running Windows Server 2012 R2, including the prerequisites. Microsoft .Net 3.5 is required. To install this feature, go to Server Manager…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question