Does Directory and Resource Administrator replicate password changes directly to the PDC emulator? (NETIQKB8034)

  • 7708034
  • 02-Feb-2007
  • 19-Jun-2007

Resolution

goal
Does Directory and Resource Administrator replicate password changes directly to the PDC emulator?

fact
Directory and Resource Administrator 6.x

fact
Directory and Resource Administrator 7.x

fix

No.  Directory and Resource Administrator (DRA) makes all read/write operations to the closes DC or the DC set in the registry key, DcPreferred.  The DC that DRA is connecting to can be found in the value DcBind in the registry key:

HKEY_LOCAL_MACHINE \ SOFTWARE \ Mission Critical Software \ OnePoint \ Administration \ Modules \ Accounts \ Domains.Dns \ domainname

After the password change is made on the DC that DRA is bound to, then Active Directory replication takes place and replicates the password to the PDC emulator.  Resetting a password on a user account in AD is given priority treatment by AD and is replicated to the PDC emulator right away.  This is detailed in the following Microsoft knowledge base article under the section PDC Emulator FSMO Role:

  • Q197132:  Windows 2000 Active Directory FSMO Roles 


note

A script is included in the Knowledge Depot which automatically updates the user account's password on all DCs in the domain when a password is reset thru DRA.



Additional Information

Formerly known as NETIQKB8034