We are running CIFS on NW65 SP1a, in domain mode with an NT4.0 domain. We
are having numerous niggling problems with users repeatedly getting locked
out and/or often finding that when both NW and NT passwords are reset they
still can't login and get their accounts locked out again, etc etc.

I have a few questions.

It does seem likely that in the case of password resets there might be a 15
minute delay on the NT side if the pc that reset the NT password was
to a BDC instead of the PDC. Then (as I understand it) it can take 15 mins
for the BDC to tell the PDC, and if the user retries connecting to the
Netware CIFS server in that period the NW server checks with the PDC which
says "that's not the right password".
But in that situation, which account gets locked out - the NT or NW one?
is there any way of avoiding this delay?

Also we have noticed the following error showing up regularly on the NW
server's logger screen:

"SessionSetup: PDC and CLIENT SecBlobs OUT OF SYNC"

TID 10079206 (May 2003) recommends a registry change on the PDC that tells
it not to autoreconnect every 15 mins (which is a default setting). But
previous msgs here have said that unless you're using Citrix this is a
cosmetic error, and that an earlier CIFS patch fixed the problem and
the error message. Weo don't use Citrix and have the very latest CIFS patch
installed: CIFS.NLM is v3.2 26 May 2004. So does this error message
indicate a real problem?


Steve Law