Results 1 to 2 of 2

Thread: old password usable after a password change

  1. 08-01-2010 #1
    ADAMEE
    ADAMEE is offline Member
    Join Date
    Aug 2008
    Posts
    4

    old password usable after a password change

    Hi,

    Good day to all. I have an ADAM synchronising its proxy-user from an AD.

    After changing password in an XP client logon to the AD(restart or without restart), both the old and new passwords can still be used to LDP into the ADAM.

    1. Though there are many DCs in my AD, replication is ruled out - as the phenomenon remains after a force replication on all the DCs.

    2. AD-ADAM sync is also ruled out as I after performing a manual synchronisation (via the XML stuffs), the symtom persists. In addition, it is a proxy-user, so authentication is refered to the AD DCs, right ?

    3. On my XP client, I had also renew the kerberos tickets via "klist.exe purge" and "klist.exe tgt"

    I had come across a MS NTLM behaviour issue, something to do with "OldPasswordAllowedPeriod" - http://support.microsoft.com/kb/906305

    I would like to know do I need to know if I need to change this setting on an AD-DC ?

    Do I need to do anything more on the ADAM configuration sets or anything at all ?

    I would appreciate if anyone has come across this provide some advice to me. Thanks.

    Have a nice day.
    Reply With Quote Reply With Quote
  2. 22-05-2011 #2
    Connect_Me
    Connect_Me is offline Member
    Join Date
    Nov 2008
    Posts
    1,066

    Re: old password usable after a password change

    Try this back again it might help you. Navigate to Control Panel and open Administrative Tools. Open the 'Users and Groups in Active Directory. Right click on the root domain container and select Properties. . In the Properties dialog, click Group Policy tab. Then click New to create a new Group Policy object (GPO) in the root container. Specify the name of the new directive and group and then click Close. Right click on the root domain container and select Properties. This shows again the Domain Properties dialog. Click the Group Policy tab, and select the link for the new Group Policy Object you just created. Click Up to move the new GPO to the top of the list, and then click Edit to open the Object Editor Group Policy. Expand the Computer Configuration node and navigate to the folder Windows Settings Security Settings}}} Account Policies Password Policy. The right pane, double-click on the `Enforce password history. Then select the 'Define this policy setting' and set the 'Save password history' to 24. Click the OK button to close the dialog.
    Reply With Quote Reply With Quote
« Ldap Referral Chasing In Windows | Event Log forwarding »

Similar Threads

  1. Not able to log in or to change the PSN password
    By Konkar in forum Portable Devices
    Replies: 3
    Last Post: 22-08-2011, 09:41 AM
  2. Need Password Reset Disk to change password for Windows 7
    By Alfanumeric in forum Operating Systems
    Replies: 3
    Last Post: 11-01-2011, 04:06 PM
  3. How to change MSN password
    By avvia in forum Windows Software
    Replies: 3
    Last Post: 28-07-2009, 08:56 AM
  4. Change password for users with blank password: Error
    By Ihit in forum Active Directory
    Replies: 3
    Last Post: 06-06-2008, 06:21 PM
  5. Change password/disable account - password cached?
    By gbug in forum Active Directory
    Replies: 3
    Last Post: 25-04-2008, 05:09 AM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules

Page generated in 1,713,566,081.50912 seconds with 17 queries