I've come in to this a little after the fact and got somewhat befuddled with how it's come about and been unable to find similar issues with searches here or via google.
We have a Windows domain, mostly Server 2008 with HyperV virtualisation.
internal domain name is "fullcompany-name.local" which is quite some typing to we also use a shorter NETBIOS name "company" for user to login company\username format.
The sysadmin quit so passwords were changed (not sure how, it was before my time) and having been asked to do a security review I uncovered the following behaviour...
company\administrator uses the new secure password
fullcompany-name\administrator still uses the old password (some services like Exchange have limited or no access / function with this login)
the only machine not following this trend is the DC which requires the new password in both username formats.
we've rebooted servers (not the DC) with no change
how can I resync the admin account?
also how do i prevent this happening again and make sure users aren;t leaving a trail of back doors behind them everytime they reset their password?