We're experiencing a problem which I'm sure I've seen documented before...just can't remember where.
Symptom is that people are having passwords expire prematurely - suddenly they're prompted for id/password when trying to access a resource, and if they log out/in they are told their password has expired. If, on the other hand, they just wait a bit instead of logging out/in, things work in a few minutes. It bounces back and forth every five minutes or so. Our Max password age is 90. When the user is OK, the time until expiration (as we calculate it based on PwdLastSet and Max Password Age) is what we expect. When the user is having problems, it appears it expired at 42 days. I recall something about password policy being set incorrectly so it flip-flops between 90 and 42 days. Can anybody tell me what that was all about ??? Dave List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
