Users must change their password on next login - Oh no they don't!

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

StumpedTechy

Thread Starter
Joined
Jul 7, 2004
Messages
7,235
On our domain when we check the "User must change their password at next login" box on their user account they don't get prompted to change it the first time they log in after that (even after waiting awhile). Instead they log in one more time with their OLD password (and if they try and access Outlook they get the UserID/Password/Domain prompt). They then have to log off and relog back on a second time before it prompts for a password.

Any ideas why this can be happening this is on 3 types of clients so I am thinking its domain related but I don't even know where to begine.

All users are able to access all domain resources fine have the correct IP and DNS information for the AD server

Oh yeah a few more wierd things. The second I tick and apply the "User must change their password at next login" our exchange server asks them for a username password and domain as thoguh exchange has already wanted to force a password change.

Woohoo yet another symptom any Domain user ID that has not been changing the passwordi n the past is having theis problem but a newly created domain user does not have this issue at all.
 

StumpedTechy

Thread Starter
Joined
Jul 7, 2004
Messages
7,235
But my question is why is it wanting for them to log on 1 time before it updates that they must change their password. On a second note WHY is Outlook giving an error as soon as the little box is ticked? I mean if they have not even logged out 1 time then it should still use their old userid and password and not have outlook asking for a userid and password.

Also this is occuring each time I check the little tick mark to change the password at next log in. I have changed my own user account about 8 times now having to log on the 2 times for it to take effect.

Here is the symptom.

In AD under the users account information I check the tick mark to change password at next login hit apply and okay, without any reboot on the PC side where the user is at hit send and recieve in the email client (outlook) and get a log on prompt with userid/domain/password, reboot the PC and log on with my original password (no prompt to change password), open outlook (still get the login prompt), close outlook and reboot a second time, then put in original password and this time getting the prompt to change the password, change password, and then am able to open up outlook.

PC type does not matter we have 3 different clients all getting this. Also moving a user from oen PC to another is not resolving this either.

I am almost convinced its some kind of AD/GPO issue but I am not sure where this can be coming from. I looked at the GPO's but didn't see anything glaring but if someone has any specifics to check feel free to point them out.
 

StumpedTechy

Thread Starter
Joined
Jul 7, 2004
Messages
7,235
Its not client side because I have done 4 builds since friday and ALL of them exhibit the same symptoms this is with a fresh XP install from disk not even a ghost image.

Also I have looked over all of the GPO's and even reset them all to disabled just as a test with still the same result.

Thanks for the link though and keep the ideas coming as this one HAS to be resolved and I am putting alot of effort into background testing that could go to device rollout.
 

StumpedTechy

Thread Starter
Joined
Jul 7, 2004
Messages
7,235
Shameless bump with information.

I am attaching a audit log of all successes and failures. I changed (at 9:23) the prompt for me to change the password on my next login.

You will note the early 9:24 login I had a mislogin then later on 9:24 I had a succesfull login (though I could not reach any network resources). At 9:29 is where I logged of and logged back in and you will note I got the prompt to change the password (Logon failure account has expired). Then I did one more log off and log back on (as normal) at 9:35.

What I am not seeing in these logs is anything major that is a culprit and lastly I can't figure how this can be client side with so many different clients and builds on our network. I.E. XP, and 98, I.E. fresh os builds from a OEM disk and factory builds from the manufacturer, I.E. Static IP and DHCP IP clients, I.E. Different manufacturers of PC's HP, Toshiba, Compaq

One question though I know its not related why is windows firewall detecting anything even though its disabled? I know this isn't the root cause because it is hapening on windows 98 machines as well.
 

Attachments

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top