JSI Tip 5492. Your Windows 2000 RAS server cannot process a change password request when a domain password has expired?

When a user dials into a Windows 2000 RAS server and their password has expired, the change password request may fail and the user cannot connect?

This problem can occur if the Windows 2000 RAS server is a member of a Windows NT 4.0 domain or a mixed-mode domain.

To fix the problem, the change password request must be directed to the PDC:

1. On the RAS server, use Regedt32.exe to navigate to:


Edit or Add Value the following type REG_DWORD value Names:

NodeType - set to a 4 (m-node/mixed node).
EnableLMHOSTS set to a 1 to enable LMHOSTS.

2. Use a true ASCII editor like Edit from a cmd prompt (not NotePad) to edit:

%SystemRoot%\system32\drivers\etc\LMHOSTS (you may need to copy LMHOSTS.SAM) and add an entry at the top for the PDC:

IP_ADDRESS_OF_PDC "DOMAINNAME \0x1C" #PRE where the entire entry in quotes is exactly 20 characters.

Make sure there are a few (3 or 4) blank lines at the bottom of the file.

Then type NBTSTAT -R (use exact case) to reload the LMHOSTS file and NBTSTAT -c to verify that the 1C entry is in the cache.

Restart the RAS server.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.