We have several DMZ areas that we must use Windows Domain Agents to manage our domains. Performing password changes of any of the WindowsDomain accounts seems to work fine. The problem is the Password Validation doesn't work for accounts that aren't allowed to logon locally (Logon type of 2) to the domain controller (DC). Essentially all non-admin accounts. Password validation works fine for admin type accounts as they are allowed to logon locally to the DC.
This problem only happens with using the Agents. For domains that have direct access to our PMP, the validation works fine.
Is there a way to make password validation work for non-admin accounts while using agents (and by not granting non-admin accounts the right to logon locally)?
We are using PMP v11300