We help IT Professionals succeed at work.

Windows Authentication - credentials not expiring

jasonrlee
jasonrlee asked
on
Medium Priority
921 Views
Last Modified: 2012-06-27
I am using Active Directory to retain login/password info.  I am authenticating users as they enter Sharpoint with a popup Window's authentication.

Users choose to save their passwords.  When users are required to change their password their authentication to Sharepoint fails.  

If password is set back to their old credentials the authentication works properly.  So the credentials are being saved somewhere and not being updated when users change their network password.
Comment
Watch Question

Author

Commented:
I found half of the solution:

By running the following command:

rundll32.exe keymgr.dll, KRShowKeyMgr

I get a window that shows me saved windows passwords.  This showed me the saved password that wasn't expiring.  But I can't get here without running this command, and it doesn't solve my global problem.

Still when passwords are changed how can I clear this saved password automatically and globally?

The question is still open.
Why aren't you authenticating though the IIS user in AD?  This will then authenticate then through active directory...this is more secure and less administration.

Author

Commented:
I don't think you undestand the problem.

I am in fact authenticating against active directory.  The problem is the credentials got saved in this Windows Login Password menu.  I have since turned off the ability to save login/password credentials, but everyone in the office still has their old credentials saved in that menu.  Everytime they enter sharepoint they are first authenticated by the old (saved)credentials instead of the immediate ones.
Your right I didn't understand.  But now I think I do.  Were you using basic authentication before?

Anyway...here is one KB article that describes adding in activex code to force a re-authentication...
http://support.microsoft.com/?kbid=195192

Another link...
http://www.experts-exchange.com/Web/Web_Servers/IIS/Q_21772113.html

Also...this is pretty basic but have you told them to clear there history and cookies for IE?  This wipes out the retained passwords for sites.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts

Author

Commented:
Well your links for activeX seem to be the only answer to my problem.  Since I've never created an ActiveX Control before that will take some time to impliment.  So the points are yours, and I'll repost if I run into problems down the road.  Thanks
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.