Someone
asked on
How to make the old password invalid once I change it in Active Directory
Hello IT people
When I change the password for a user in Active Directory, the user can use the old password for some time. How could I change that so the old password become invalid once I change it?
ASKER
I mean they are able to log in with the old password after I change it, for some time, let's say for 24 hour.
yes the computer is on the LAN.
yes the computer is on the LAN.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Yes I have multiple DCs, and are they replicate without errors. But I'm afraid that I can't restart them for now š
I'll check if it is related to the NTLM authentication or not
I'll check if it is related to the NTLM authentication or not
You need to set password policies in AD to remember the history of passwords and prevent reuse of passwords for the same user: Enable the 'Enforce password history'.
SeeĀ Password Policy (Windows 10) - Windows security | Microsoft DocsĀ
SeeĀ Password Policy (Windows 10) - Windows security | Microsoft DocsĀ
Are you saying that the user can continue to be logged in after you change the password or that they are able to log in with the old password after you change it?
Is the computer on the LAN with the DC when they use the old password?