Domain users not able to logon with their password event though it has not been changed....

Hi, we have this weird problem where some of the users suddenly can't login to their computer with the password they have used for almost 20 years (yes sorry, bad practise).

When the user reports it I check that I can logon to the computer with my own account (not 20 year old password) which works fine. I check the event log for problems both on the client and the DC and all I see is see which I can relate to the problem is event id 4625 with an error code which means bad password.

I check the AD account and see that pwdLastSet has a date in 2006 (not quite 20 years, but close) and I check that the account is not logged out or expired. Also make sure that the password never expires is enabled, so in my book these are all the checks needed and problem not solved.

I then change the password to the same password that the user has had for almost 20 years and problem solved, but problem source not found.

This has happend to 3-4 users within the last week or two, even a service user with domain admin permissions, only thing I pay note to that they have in common is the pwdLastSet in 2006, but I really can't seem to get my head around this being the issue.  Also only other thing I can think of that has changed is that the old DC has been removed a few months ago, and a new 2025 DC has been introduced. promote/demote went without issues and this problem didn't surface before now several weeks after the DC change.

So if anyone has experienced something similar or perhaps can point me in a direction for further troubleshooting please let me know.

Thansk

Thomas