All geek questions in one place

SharePoint remembers the changed password

I am observing some strange behavior with SharePoint when changing Active Directory user passwords.

I created a custom application page to change the user password in Active Directory. The code seems to work fine, as I can check on Windows that the password has been changed.

However, it is strange that after changing the password, SharePoint will allow the user to log in with both the recently changed password and their old password . Essentially, this allows them to log in with two different passwords.

I checked that this is something in SharePoint, since I can only log in to Windows with an updated password.

Does anyone know why this will happen? I cannot find any information on the Internet regarding SharePoint caching credentials or anything else. Any thoughts would be greatly appreciated.

Thanks in advance.

+3
source share
2 answers

Expected Behavior: http://support.microsoft.com/kb/906305

Microsoft Windows Server 2003 Service Pack 1 (SP1) changes the behavior of NTLM network authentication. After installing Windows Server 2003 Service Pack 1, domain users can use their old password to access the network for one hour after changing the password. These changes do not affect existing components that are designed to use Kerberos for authentication.

+4

? ? , , . , IE?

0

Source: https://habr.com/ru/post/1706919/

More articles:


All Articles