Good idea if we were using ADUC for the help desk but we are not. We're using a third party tool for the helpdesk to reset passwords, etc.. That we can't point to a specific DC :-(
Diane -----Original Message----- From: Hayes, Shawn [mailto:[EMAIL PROTECTED]] Sent: Tuesday, June 11, 2002 5:43 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Password changes and password must change Have the helpdesk switch the context of the domain controller to a DC at the site the user works at and reset the password there. Crummy work around. Open AD Users and computers, Right click on Active Directory Users and Computers in the left hand tree view and Select Connect to Domain Controller.......it is straight forward from there... Or setup a batch file calling repadmin /sync you will need to run the repadmin /? To get the rest of context. You specify the domain name, server name and server GUID I believe. That is the only way I know of to force intersite replication. -----Original Message----- From: Narkinsky, Brian [mailto:[EMAIL PROTECTED]] Sent: Monday, June 10, 2002 8:55 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Password changes and password must change Password changes are replicated immediately. However, the attribute for password expires follows normal replication procedures. So you get a confusing lag. Seen the exact same thing at our help desk. Brian n-----Original Message----- From: Ayers, Diane [mailto:[EMAIL PROTECTED]] Sent: Monday, June 10, 2002 8:47 PM To: '[EMAIL PROTECTED]' Subject: [ActiveDir] Password changes and password must change Folks: I've gotten some calls from our help desk where they are resetting passwords for our users. When a user calls in to have their pwd changed, they reset the pwd for the user and then verify that "password must change on login" is checked. When the user logs in, the new pwd is in effect but the "password must change on login" is not being enforced. Later when the user logs in, they are forced to change their pwd (again). I'm assuming that it's a combo of replication delays between the new pwd being enforced and of the "password must change on login" attribute. We are at Win2K SP2SRP1 AD native mode for user accounts. Workstations are still in the NT 4.0 sp6a resource domains and a mix of Win2K, NT and Win9x. Anyone have any insights? Diane List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
