Why can't I use my user principal name to change my password if the Global Catalog is unavailable?
July 17, 2001
A. In Windows 2000, users have a user principal name (UPN)—e.g., [email protected]—as well as the usual down-level SAM name—e.g., savillj. If you change your password using the down-level SAM username, the change works fine, even if the Global Catalog (GC) isn't available. If you change your password using your UPN and the GC isn't available, you receive the following error message if the account is in the parent domain:
The user name or old password is incorrect. Letters in passwordsmust be typed using the correct case. Make sure the Caps is notaccidentally on.
Or, you receive the following error message if the account is in the child domain:
Unable to change the password on this account due to the followingerror:1359: An internal error occurredPlease consult your system administrator.
To confirm that the GC's absence is the problem, use the following command to find your logon server:
echo %logonserver%
When you find the logon server, check the directory-service event log for the following event:
Event 1126 Unable to establish connect with global catalog
To fix this problem, you need is to ensure that the GC is available. You need the GC to change passwords using your UPN because domains store information only about their local domain whereas the GC includes information about objects in the entire forest. Thus, the GC must be available when you use the UPN, unless you have only one domain.
About the Author
You May Also Like