I'm not an expert on OWA, but as you mentioned in the first part of your message the DC performs the check against the PDC to see if the password has been changed. So long as OWA is using a DC to authenticate a user, which I'm assuming it does, then the DC will handle the PDC check invisibly.
The replication interval wont have any effect on the PDC getting notified of the change as a separate mechanism is used to inform the PDC of the change. If your OWA is sitting on a secure network along with a selection of DC's, is it possible that the DC's there can't contact the PDC due to firewall rules? Also, check if you're using AvoidPdcOnWan - http://support.microsoft.com/?kbid=225511 Regards, Mark. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Figueroa, Johnny Sent: 02 November 2005 09:52 To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OWA after resetting password This is all in an Exchange 2003 and AD 2003 environment. I wonder if I have this right?. When the help desk resets a password in ADUC, that password change is made against the DC that the tool is connected to and the PDC Emulator. If a user logs on to the network the authenticating DC checks the password against its database, if the passwords do not match then it goes to the PDC Emulator to resolve the conflict and the user gets on with the new password. If a user is only an OWA user and he tries to logon to OWA after a help desk password reset, it appears that if replication against the DCs in the Exchange AD site has not happened then the new password is not recognized. In other words there is a delay between resetting the password and the user being able to sign on with it. I take it that OWA does not check against the PDC Emulator but just the DCs in its site. Is there anything that can be done about this, other than reducing the interval for replication on the site connector? Thanks Johnny Figueroa Enterprise Network Consultant/Integrator Network Services Banner Health Voice (602) 495-4195 Fax (602) 495-4406 WARNING: This message, and any attachments, are intended only for the use of the individual or entity to which it is addressed and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient or employee/agent responsible for delivering the message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of the communication is strictly prohibited. If you receive this communication in error, please notify us immediately List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ ------------------------------------------------------------------------ For more information about Barclays Capital, please visit our web site at http://www.barcap.com. Internet communications are not secure and therefore the Barclays Group does not accept legal responsibility for the contents of this message. Although the Barclays Group operates anti-virus programmes, it does not accept responsibility for any damage whatsoever that is caused by viruses being passed. Any views or opinions presented are solely those of the author and do not necessarily represent those of the Barclays Group. Replies to this email may be monitored by the Barclays Group for operational or business reasons. ------------------------------------------------------------------------ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
