Active Directory Issues

Active Directory Issues » Users can't login to the domain after remote password changes

Users can't login to the domain after remote password changes

Problem:When admins change the Active Directory user password on a remote domain controller that holds the primary domain controller (PDC) Flexible Single Master Operation (FSMO) role, the user may not be able to log on to a local domain controller using the new password. However, the user will be able to use their previous password to log on to the domain.

Reason:The remote domain controller has not yet replicated with the local domain controller.

Solution:Install the latest service pack for Windows 2000.

However, users will not be able to change or reset their passwords on their own without IT assistance. ADSelfService Plus offers a solution with the self-service password reset (SSPR) feature that enables users to reset password from their login screen of their Windows, macOS, and Linux machines.

Admins can also enable the DC Updater option that ensures the new passwords are updated in Active Directory without any delay. Meaning, when a user from a specific OU resets their password using ADSelfService Plus, the data is quickly updated in the DCs assigned to that OU, in the same order, as configured under Site Based DC settings.

It also offers:

  • Password change: Allow users to change their Active Directory passwords from a secure portal using any web-browser.
  • Enterprise SSO: Provide Active Directory authentication for SAML-enabled apps to allow users to access multiple enterprise applications with a single login.
  • Password sync: Synchronize Active Directory user password resets and changes with connected applications.
  • Remote password reset: Allow users to self-reset their passwords and update their cached credentials even when not connected to their corporate network.
  • Password policy enforcer: Enforce custom password policies for Active Directory and cloud user accounts, based on their OU, group, and domain membership.

And more. ManageEngine ADSelfService Plus will act as a one-stop solution for all your password management troubles.

Allow users to reset Active Directory and Office 365 passwords, from anywhere.

Get Your Free Trial

Self-service password management and single sign-on solution

ManageEngine ADSelfService Plus is an integrated self-service password management and single sign-on solution for Active Directory and cloud apps. Ensure endpoint security with stringent authentication controls including biometrics and advanced password policy controls.