Hello, all, Hopefully someone on here can help me with the issue I am having. We recently did a network redesign at my company and moved out AD/LDAP servers to out in house data center, once we did that we changed out DC so that the secondary took over. Now the interesting part, any remote user that changes their password while connected to VPN is left with their old password still in use to log into endpoint devices and the new password will log them into VPN/O365.

Tunnels are sound as far as I can tell. " test-computersecurechannel " returns a failed response in powershell. Is there a configuration somewhere I am missing?
If more information is needed please let me know! Thanks in advance.