Article ID: 242770 - Last Review: March 1, 2007 - Revision: 1.2

Creating External Trusts May Succeed with Cached Password

View products that this article applies to.
This article was previously published under Q242770
Expand all | Collapse all

SYMPTOMS

When you create a trust relationship successfully, delete it, and re-create it with incorrect passwords, the trust may be (mistakenly) successfully re-created. This behavior can occur with down-level and external trusts, and can occur if you:
  1. Create one direction of trust successfully.
  2. Create a second direction of trust successfully.
  3. Delete the second direction of trust.
  4. Re-create the second direction of trust with an incorrect password. The trust is created successfully with the incorrect password.
NOTE: This is not a problem when you are resetting trust relationships. The correct password must be entered for the old password to be changed.
Back to the top

CAUSE

The Netlogon service caches old passwords for trusts. Until a trust is completely destroyed, old passwords are available to validate a trust created with an incorrect password.
Back to the top

RESOLUTION

To correct this, delete the trust from both sides of the trust relationship.
Back to the top

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article.
Back to the top
APPLIES TO
  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Datacenter Server
  • Microsoft Windows NT 4.0 Service Pack 4
  • Microsoft Windows NT 4.0 Service Pack 5
  • Microsoft Windows NT 4.0 Service Pack 6
Back to the top
Keywords: 
kbenv kbprb KB242770
Back to the top
 

Get Help Now

Contact a support professional by E-mail, Online, or Phone

Article Translations