|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Problem authenticating against renamed Active Directory accounta user has connected the applicaiton picks up their username and looks up details in a database using the username as a key. The username is got from the following: ((WindowsPrincipal)Page.User).Identity.Name This works fine for everyone but a problem has recently cropped up. One persons AD account has recently been renamed. e.g. It was originally MYDOMAIN\JohnSmith and it is now MYDOMAIN\JohnJones Although the user can log on using MYDOMAIN\JohnJones the username resolves to MYDOMAIN\JohnSmith i.e. the original name. Is there a bug in the security api? Why is this occuring and how do I fix it? Thanks in advance for your help Alan There was a discussion about this very problem recently. It seems to have
to do with caching in the LSA. If rebooting the server doesn't flush the cache, you can adjust the behavior by changing a registry key. Do a few searches and you should find the relevant details. -- Show quoteHide quoteJoe Kaplan-MS MVP Directory Services Programming Co-author of "The .NET Developer's Guide to Directory Services Programming" http://www.directoryprogramming.net "Alan Lambert" <AlanLambert@nospam.nospam> wrote in message news:%23CUunY5iJHA.1288@TK2MSFTNGP02.phx.gbl... > I've got a web (intranet) application that uses windows authentication. > Once a user has connected the applicaiton picks up their username and > looks up details in a database using the username as a key. > > The username is got from the following: > > ((WindowsPrincipal)Page.User).Identity.Name > > This works fine for everyone but a problem has recently cropped up. One > persons AD account has recently been renamed. > e.g. It was originally MYDOMAIN\JohnSmith and it is now MYDOMAIN\JohnJones > > Although the user can log on using MYDOMAIN\JohnJones the username > resolves to MYDOMAIN\JohnSmith i.e. the original name. > > Is there a bug in the security api? Why is this occuring and how do I fix > it? > > Thanks in advance for your help > > Alan > 
Other interesting topics
interop & performance
Impersonation problem Problem using obfuscation Dotnet 2.0 PCKS CheckSignature Error What permission do I need to add a user to a group? (C#) problem impersonating when remoting Encryption Scenerio Encrypting connection strings - Threat model - Best practices Directory Security API is taking time.... |
|||||||||||||||||||||||
