Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Can only authenticate to shared drives using old password

Status
Not open for further replies.
niallo32

niallo32

IS-IT--Management
Apr 29, 2004
404
IE
I have Active Directory running on Windows Server 2003 in one Domain and AD running on Windows 2000 Server Professional in another Domain. They are both on the same Network.

When a user tried to connect to a shared drive on Domain A, while logged into Domain B, in the Username field, he enters - Domainname\Username and then enters his password below.

It will only accept his original network password that he used when he first joined the company a few years ago.

Does anyone know why this happens?
 
Sort by date Sort by votes
You need to provide more info. Are these domains in the same Forest? Is one of them child the other one parent domain? Or they are completely independent 2 donains in the same forest?

A+, MCP(2003)
 
Upvote 0 Downvote
i had this problem with a computer in the DMZ. I changed my logon and for weeks it would only accept my old password.

Turned out the DMZ computer could not properly communicate with the domain controllers and was using cached logons.

Anything similar possible in your environment? i.e. firewall between that computer and DC's?
 
Upvote 0 Downvote
Both Domains are in the same forest and have different Active Directories, but the one (The domain which only accepts the old password) is Windows 2000 Native run on a Windows 2003 Server & the other domain is Windows 2000 Mixed run on Windows Server 2000.

They are independent domains in the same forest.

The Server 2003 Domain Controller has a gateway equal to the IP Address of the ISA Server (10.0.x.x)

The Windows 2000 Server has a Gateway equal to the IP Address of a Cisco router.

Thanks
 
Upvote 0 Downvote
I've just spokem to the user and he tell me that when he changed his password on Domain B (Windows 2000 Server password), his password would be automatically updated on Domain A - does this make sense??
 
Upvote 0 Downvote
The Server 2003 Domain Controller has a gateway equal to the IP Address of the ISA Server (10.0.x.x)

The Windows 2000 Server has a Gateway equal to the IP Address of a Cisco router."


Has this been always like this, I mean since you built these domains...

I believe this is what is going on; Since these two domains in the same forest, they are suppose to communicate thru Global catalog server. W2K3 DCs are not GC by default unless you changed them, so I belive your Domain B (W2K DC) is the global catalog. But, another rule of thumb is both domains must be in the same WAN gor GC replication to occur.

For some reason, GC in Domain B can not update Domain A. If you built them in the same WAN at the beginning then changed the networking on them may cause Domain B not updating Domain A for Universal group caching. This could be the reason.

A+, MCP(2003)
 
Upvote 0 Downvote
Thanks for the reply.

Is there anyway that I can check this?

Domain A - 2003 is called Domain ABC for example
Domain B - 2000 is called Domain XYZ for example

There is no connection in their names, i.e Domain A is not microsoft.com and Domain B microsoft.de

They both use the same IP Address scheme and have the same Subnet.

Generally, users on either domain can connect to shares on the other domain by authenticating with a valid account on the other domain and using backwards compatibility

For example, user on Domain A, wants to connect to share on domain B

He authenticates as follows - DomainB\UseraccountDomainb
Password



 
Upvote 0 Downvote
How a user from Domain A can change the password for the account in Domain B?
Do those domains have trust relationship?

A+, MCP(2003)
 
Upvote 0 Downvote
No, the user in Domain A cannot change anyone elses password.

What appears to happen, is that when user ABC on Domain A changes his password, his authentication to a share on Domain B, using the user account ABC (Same Name) from Domain B, is no longer valid, and he has to reconnect to the share
 
Upvote 0 Downvote
But how does that user change the password? Is he using the workstation in Domain A and loging into Domain B then therei s a trust between domains.
Or is he using different workstation which belongs to Domain B to change the password.

A+, MCP(2003)
 
Upvote 0 Downvote
That user would change his password either through Ctrl+Alt+Delete or when his password expires due to a Group Policy Setting.

He is not using a Workstation from Domain B

I assume there is implicit trust between the Domains, but how can I check to find out exactly?

Thanks
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

microsGuy16
  • Locked
  • Question
Can not copy files to Mapped drive
Replies
0
Views
234
microsGuy16
microsGuy16
DTGMI
  • Locked
  • Question
WIN 10 Pro PC & Adding back to our Network
Replies
0
Views
204
DTGMI
DTGMI
mangentle
  • Locked
  • Question
What are the key advantages of using Microsoft Windows Servers for businesses?
Replies
1
Views
396
gbaughma
gbaughma
dpellegrini
  • Locked
  • Question
Website will load using hostname but not IP address
Replies
3
Views
449
mangentle
mangentle
Mohamed-IT
  • Locked
  • Question
Windows server 2019 password locked
Replies
1
Views
79
strongm
strongm

Part and Inventory Search

Sponsor

Back
Top