Hi all,

I have a W2K3 domain w/ XP pro clients, and all seems to working fine.
Users can log in, get shares, printers, etc. But when I set the flag on
an account to force users to change their password on next login, things
get a little funky. They log in with their original password, get the
dialog to change their password, but when they do, they see

"Your password could not be changed. A domain controller could not be
located."

If I clear the "user must change password flag" they go back to work no
problem.

Is this some kind of security policy error? Firewall misconfiguration?

Any help would be appreciated.

Eric.
esnyder@sas.upenn.edu

Could be a firewall problem, could be a DNS problem. Anything that blocks
the client from resolving the DNS name of the domain controllers on the
network can cause flakey password problems and slow logins.

--
Richard G. Harper [MVP Shell/User] rgharper@gmail.com
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm


"E.M. Snyder" <esnyder@sas.upenn.edu> wrote in message
news:efe1a8$dq5n$1@netnews.upenn.edu...
> Hi all,
>
> I have a W2K3 domain w/ XP pro clients, and all seems to working fine.
> Users can log in, get shares, printers, etc. But when I set the flag on
> an account to force users to change their password on next login, things
> get a little funky. They log in with their original password, get the
> dialog to change their password, but when they do, they see
>
> "Your password could not be changed. A domain controller could not be
> located."
>
> If I clear the "user must change password flag" they go back to work no
> problem.
>
> Is this some kind of security policy error? Firewall misconfiguration?
>
> Any help would be appreciated.
>
> Eric.
> esnyder@sas.upenn.edu

Also, try DCDiag to check for avaliability pdc emulator master role.

....kurt

"Richard G. Harper" <rgharper@email.com> wrote in message
news:uqV%23%236n4GHA.4256@TK2MSFTNGP03.phx.gbl...
> Could be a firewall problem, could be a DNS problem. Anything that blocks
> the client from resolving the DNS name of the domain controllers on the
> network can cause flakey password problems and slow logins.
>
> --
> Richard G. Harper [MVP Shell/User] rgharper@gmail.com
> * PLEASE post all messages and replies in the newsgroups
> * for the benefit of all. Private mail is usually not replied to.
> * My website, such as it is ... http://rgharper.mvps.org/
> * HELP us help YOU ... http://www.dts-l.org/goodpost.htm
>
>
> "E.M. Snyder" <esnyder@sas.upenn.edu> wrote in message
> news:efe1a8$dq5n$1@netnews.upenn.edu...
>> Hi all,
>>
>> I have a W2K3 domain w/ XP pro clients, and all seems to working fine.
>> Users can log in, get shares, printers, etc. But when I set the flag on
>> an account to force users to change their password on next login, things
>> get a little funky. They log in with their original password, get the
>> dialog to change their password, but when they do, they see
>>
>> "Your password could not be changed. A domain controller could not be
>> located."
>>
>> If I clear the "user must change password flag" they go back to work no
>> problem.
>>
>> Is this some kind of security policy error? Firewall misconfiguration?
>>
>> Any help would be appreciated.
>>
>> Eric.
>> esnyder@sas.upenn.edu
>
>