none
User cant change password: Configuration information could not be read from the domain controller, either because the machine is unavailable, or because access is denied RRS feed

  • Dotaz

  • Hi,

    We are running our Domain Controller and Active Directory in the cloud. All our users use their AD account to log onto their computers and this has been working fine for the last few years. Today an employee needed to change their password and for some reason they get the error: "Configuration information could not be read from the domain controller, either because the machine is unavailable, or because access is denied".

    After trying it several times, always with the same result, I checked to make sure that the DC/AD was available. After that, I manually entered the DNS of our DC to make sure that it wasn't just a network error. That didn't change anything though. Then I used my account to log onto his machine and I was able to change my password with no problem. That made me think that this must be an issue with his account but when I checked it, the permissions were all set correct.

    After researching this error online and finding no helpful answer that explains why this is happening and how to fix it I'm stuck. Does anybody know why this is happening? And does someone know how to fix this?

    With kind regards,

    C. Zerbe

    pátek 5. července 2019 13:32

Všechny reakce

  • Hi,

    i think if there would be a general issue with your active directory, you would have noticed it :) Several Applications as well as entire company would be calling you for help.

    As you already mentioned - the employee´s machine might be the issue. Did you delete his userprofile from his machine, so the  profile can be re-created by the system ? Further how is the machone connected - LAN or WIFI ? 

    I think you should check and watch the network connection of this machine.

    regards, pat

    pátek 5. července 2019 17:14
  • Hi,

    Please try to recreate the problematic user profile referring to the following steps:

    Rename the user's profile folder to xx.old

    Logged in as an admin, go to Control Panel User Accounts Manage User Accounts. Domain accounts show there after an initial login.

    Delete the account for xx

    Open regedit and make sure that the user is no longer in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList. Delete it if present, even if it is followed by ".bak".

    Then login as xx to recreate the user profile, re-check the issue.

    If the issue still persists, please submit a new case under Windows Server>Directory Services as they will be more professional on your issue.

    Best Regards,


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    úterý 9. července 2019 17:05
    Moderátor
  • Hi,
    Was your issue solved?
    If yes, would you like to share your solution in order that other community members could find the helpful reply quickly.
    If no, please reply and tell us the current situation in order to provide further help.
    Best Regards,

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    neděle 21. července 2019 19:22
    Moderátor