This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(140.8, 78%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAR%3C/text%3E%3C/svg%3E)
I started at a company with about 100 users, all of which are remote. Only about 10 of those users was on the domain. I am slowly getting users on the domain, but everything being remote is a challenge. I have worked out a device tunnel using RRAS, and using Offline Domain Join to create a cert for authentication, joining to the domain, etc.
I've got several users on the domain and now I am running into issues with one of them. They were using Windows 11 Home. We purchased an upgrade key and changed the user to Windows 11 Pro. The unfortunate part of this is I have learned that a lot of the remote laptops here are using Windows 11/10 Home.
On Friday I got a user upgraded, on the domain, able to login, using the device tunnel, etc. Monday morning comes and they can no longer log in with their domain account. Using a screen sharing agent I have installed, I attempted to login with my domain account as well with no luck. I reset the user's password and clicked "user must reset password at login". When he logged in, it asked him to reset his password, he did, then went to login with it. Again, invalid password.
I did some research and I found this was a known bug with Windows 10. He said his computer was Windows 10 then he upgraded to Windows 11 at one point. His computer is fully up to date now with Windows 11. My question is, does this bug still effect Windows 11 if the update wasn't taken before upgrading to Windows 11? And what can I do about it without having the computer physically in front of me? Replacing this one isn't that bad, but it's the other 85 computers I worry about!
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Might try patching both problem member and domain controllers to latest available. Also check that the problem member and domain controller both have the ip address of DC listed for DNS and no others such as router or public DNS.
--please don't forget to upvote and Accept as answer if the reply is helpful--
The problem isn't reaching the domain controller.. Its speaking to the domain just fine. Both the client and AD servers are fully up to date. The DC is Windows Server 2022 (I just rebuilt them). This was a known bug with Windows 10 and this computer was upgraded from Windows 10 to Windows 11, so either the issue is existent in Windows 11 or it exists still if you upgrade a client from Windows 10 to Windows 11 without already having the update in place.
I do see the registry key COMPUTERNAME\HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\ProductOptions\ProductSuite that includes personal, but there is nothing I can do about it because the computer is hundreds of miles away from me.
You could look for something here.
https://learn.microsoft.com/en-us/windows/release-health/status-windows-11-22H2#known-issues
--please don't forget to upvote and Accept as answer if the reply is helpful--
Thanks, but nothing there looks to match.