Hi All,
Not sure if this is even the right place to ask this but I shall give it a go and see what happens. - Also I don't know if what I am asking is even possible.
As part of a user migration project I am moving users from Forest A to a Child Domain in Forest B. A 2 way transitive forest trust has been configured between forest A & B. New accounts have been created, SIDhistory is being used for file access and users are able to login to the Forest A Workstation using their Child Domain of Forest B username and password.
However when a user forgets their password and rings the helpdesk the service desk are setting the user must reset password at next login option on the user object in AD (nothing wrong with this). When the user attempts to login to the computer on Forest A using their Child Domain of Forest B username and the password given to them by the service desk an error is given and the login fails.
Removing the tick on the AD object for the user for change password at next login and asking the users to reset their passwords using the Alt Ctrl & Del then selecting change password works as expected no problem.
Should this be working as expected in that the user should be able to change their password or is what I am seeing correct and users cant change their passwords at first login using a trusted forests computer objects?
Thanks in advance!