Active Directory users can access with the old password !!!!
Hello all,
We have many application and third party integrated with active directory but i face the following issue with all application also with Exchange 2010 SP2,
when i reset password for particular user he can access his account with the old password for 2-5 minutes only with integrated applications but domain logon works fine , is that a normal behavior, can we handle it , thanks all.
We have many application and third party integrated with active directory but i face the following issue with all application also with Exchange 2010 SP2,
when i reset password for particular user he can access his account with the old password for 2-5 minutes only with integrated applications but domain logon works fine , is that a normal behavior, can we handle it , thanks all.
Do more with
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
If you have multiple domain controllers then it takes some time to replicate to other domain controllers. So the authentication might be happening from a Domain Controller before its replicated from the domain controller where the password change happened.
Regards,
Thomas
Regards,
Thomas
Dear thomasclm
i thought that then i shut down the additional domain controller but it's still later i discovered that it's a normal behavior from the A.D for 1 hour then it will expired, si still i need to reduce it as possible,
thanks .
i thought that then i shut down the additional domain controller but it's still later i discovered that it's a normal behavior from the A.D for 1 hour then it will expired, si still i need to reduce it as possible,
thanks .
Dear PeteLong
it's very helpful article but still i missing understand this key values :
On the Edit menu, click Add Value, and then add the following registry value:
Value Name: UserTokenTTL (Note This is case-sensitive!)
Data Type: REG_DWORD
Value Range: 0 - 0x7FFFFFFF (Note This unit is in seconds.)
how many seconds it will takes ?
also i need to make this with all integrated applications not Exchange only ,
it's very helpful article but still i missing understand this key values :
On the Edit menu, click Add Value, and then add the following registry value:
Value Name: UserTokenTTL (Note This is case-sensitive!)
Data Type: REG_DWORD
Value Range: 0 - 0x7FFFFFFF (Note This unit is in seconds.)
how many seconds it will takes ?
also i need to make this with all integrated applications not Exchange only ,
Is there any configuration where you can modify or configure how long password should be cached or do you have any apps which syncs the password,
if yes, how often...??
How is the replication configured or is there any issue with the replication between the DC's. The issue can be due to replication also.
You can disable the cache logon see this
http://technet.microsoft.com/en-us/library/cc755473(v=ws.10).aspx
Cached and Stored Credentials Technical Overview
http://technet.microsoft.com/en-us/library/hh994565(v=ws.10).aspx
http://support.microsoft.com/kb/913485?wa=wsignin1.0
if yes, how often...??
How is the replication configured or is there any issue with the replication between the DC's. The issue can be due to replication also.
You can disable the cache logon see this
http://technet.microsoft.com/en-us/library/cc755473(v=ws.10).aspx
Cached and Stored Credentials Technical Overview
http://technet.microsoft.com/en-us/library/hh994565(v=ws.10).aspx
http://support.microsoft.com/kb/913485?wa=wsignin1.0
Premium Content
You need an Expert Office subscription to comment.Start Free Trial