N/APosted on - 11/01/2011
I am currently working in a network at MS Windows Active Directory.
Usually when user's with expired password log on to our domain, it will notify and prompt them to change it.
When they entered the current password and entered the new password and enter it again in the confirm field; there’s a message appeared that read as:”Domain Controller could not be reached”.
I believe there is an MS fix/ Patch to this, can somebody please teach me on how to solve this problem?
MS Windows Active Directory problem
The most important fact to be kept in mind is that all the domain controllers in one domain are peers of each other. Now all the controllers should be connected to each other with a proper replication topology, which helps the Domain controller locator to find the correct Domain controller, but this can only be possible when the locator have the accurate information so it can locate the proper resource, otherwise, if the domain controller is not properly advertised, the locator is not going to find it.
Each server/ domain controller should be advertising a role in order for the locator to return to that server as candidate.
Nltest tool can be used to properly know about the roles advertised by the server.
Keeping in view the very short explanation above, the issue quoted by you “Domain Controller could not be reached” may be a result of improper topology of different servers and their roles advertised. In my experience this is the most common reason other than the network / connectivity problems, and overloaded server problem.
The network factor can be checked by pinging either by DNS of the server, or by NetBIOS.
The overloaded server can be checked by checking the server’s resources.
You can use Dcdiag tool for all the above checks.
After performing the above you must allocate the proper role to ONE PRIMARY DOMAIN CONTROLLER
Also do perform the following from the client.
On the command prompt write:
ipconfig /flushdns Now Reboot.
Hope the above resolve the issue