JSI Tip 2855. Windows 2000 Domain client replicates password change immediately?

If a directory-service aware domain client changes their password, the change is immediately replicated to the PDC FSMO role holder by the validating domain controller, even across a WAN.

If you prefer to delay this WAN replication to the normal interval, use Regedt32, on the validating domain controller, to navigate to:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters

On the Edit menu, Add Value name AvoidPdcOnWan, as a REG_DWORD data type. Set the data value to 1.

The password change will be replicated to the other domain controllers using the normal replication interval.


Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish