Password changes are replicated immediately. However, the attribute for password expires follows normal replication procedures. So you get a confusing lag. Seen the exact same thing at our help desk.
Brian n-----Original Message----- From: Ayers, Diane [mailto:[EMAIL PROTECTED]] Sent: Monday, June 10, 2002 8:47 PM To: '[EMAIL PROTECTED]' Subject: [ActiveDir] Password changes and password must change Folks: I've gotten some calls from our help desk where they are resetting passwords for our users. When a user calls in to have their pwd changed, they reset the pwd for the user and then verify that "password must change on login" is checked. When the user logs in, the new pwd is in effect but the "password must change on login" is not being enforced. Later when the user logs in, they are forced to change their pwd (again). I'm assuming that it's a combo of replication delays between the new pwd being enforced and of the "password must change on login" attribute. We are at Win2K SP2SRP1 AD native mode for user accounts. Workstations are still in the NT 4.0 sp6a resource domains and a mix of Win2K, NT and Win9x. Anyone have any insights? Diane List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
