Change-password reminder pops up every day

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Hi!

I've a problem with some clients;

When a user is told to change his/her password because it'll soon expire, and he does it, it looks like it's not updated in AD, because the next time the user logs on, a new reminder pops up.

This continues until the countdown has reached 0 days, but the account is not locked out.

Can anoyone help me, this is pretty annoying...

Best regards,

Vidar Ibenholt
 
Hi Vidar-

Double check your AD Replication for your domain. Start with your DNS Server
and that it has A records and PTR records for every DC in the domain. Use
Replmon to manage replications and check your event logs.

--
Thanks,
Richard Moreno
MCSE NT4\2000, MCSA 2000

This posting is provided "AS IS" with no warranties, and confers no
rights.



Ibenholt said:
Hi!

I've a problem with some clients;

When a user is told to change his/her password because it'll soon expire,
Click to expand...
and he does it, it looks like it's not updated in AD, because the next time
the user logs on, a new reminder pops up.
 
Richard, thanks for the tip.

I've added these PTR records in my DNS.

But do you really think this has anything to do with my problem??

This scenario is not common for all the users, only about 10% of them experience this annoying scenario. I've 2 different domains, and this is happening in both of them..


Regards,

Vidar Ibenholt
 
Hi Vidar-

Only 10% of your user base? Now this is some strange stuff....

Ok, are all your DC's replicating correctly? Use REPLMON and FRS Event Logs
to verify in your domain. What about your Site topology? Do you have
scheduled replications between certain DC's??? That may be the issue here.
Here's a tool pak from MS that you could use, particulary the lockoutstatus
tool which lists the user account status after polling EVERY DC in your
infrastructure. This might lead you to see which DC's are out of sync.

http://www.microsoft.com/downloads/...9c-91f3-4e63-8629-b999adde0b9e&DisplayLang=en

--
Thanks,
Richard Moreno
MCSE NT4\2000, MCSA 2000

This posting is provided "AS IS" with no warranties, and confers no
rights.



Ibenholt said:
Richard, thanks for the tip.

I've added these PTR records in my DNS.

But do you really think this has anything to do with my problem??

This scenario is not common for all the users, only about 10% of them
Click to expand...
experience this annoying scenario. I've 2 different domains, and this is
happening in both of them..
 
Richard

Thanks for your help, but I can't see anything wrong in my domains.. We also had this situation when we only run on 1 DC, so it can't be a sync problem.. (??

I've called Microsoft Technical Support, and they have given me some clues to troubleshoot this... I'll post a new message when the case is closed

Regards

Vidar
 
I have seen this if they change the password when prompted but do not
restart. Unlocking and logging in both displayed the message until a
restart.
--
Richard McCall [MSFT]

"This posting is provided "AS IS" with no warranties, and confers no
rights."
Ibenholt said:
Richard,

Thanks for your help, but I can't see anything wrong in my domains.. We
Click to expand...
also had this situation when we only run on 1 DC, so it can't be a sync
problem.. (??)
I've called Microsoft Technical Support, and they have given me some clues
Click to expand...
to troubleshoot this... I'll post a new message when the case is closed.
 
As promised, I return with more information regarding this case

I've been working with Microsoft Support Team to isolate the bug, and the conclusion is that there is a bug in the msgina.dll. They have a internal fix for XP on this scenario, and now they are working on it to port the fix to Win2k. I expect a fix will be released soon

By the way, the tip to restart the computer when you change password works, then you won't be prompted to change password next time you log in

Ibenholt
 
Back
Top