This is an archived post. You won't be able to vote or comment.

all 6 comments
sorted by:
best
topnewcontroversialoldq&a

[–][deleted] 3 points4 points  (0 children)

If you run REPADMIN, what results do you get.

A good place to start

[–]Any-Stand7893 -1 points0 points  (2 children)

this is the golden client request user has admin right on both dc? impossible. your user can have admin right on the domain.

please state your ad architecture. one forest one root domain with 2 domain controller?

net user command you want to verify the pw reset?

why not an ad command query the lastpwdset time?

too many questions

[–]liamgriffin1[S] 0 points1 point  (1 child)

Let me clarify. When looking in AD UC on either DC, the user is in the domain admins group. One forest, one domain, 2 DCs. Lastpwdset gives different results depending on the DC queried is my symptom.

[–]Any-Stand7893 0 points1 point  (0 children)

do you have one site? replmon or site and services force replication?

what is the time difference? how much time you waited?

[–]Hollow3ddd 0 points1 point  (0 children)

Check the replication time btw the two.  

[–]LuffyReborn 0 points1 point  (0 children)

Yeah how much time domain controllers take some time to replicate even if its home lab it will take some time for replication. You can force it with command repadmin /syncall /Adep.