Renamed AD user accounts and Integrated Windows authentication in IIS 6.0?

U

Usenet User

Here is the issue: some user accounts were renamed in our Windows
2003-based Active Directory. These users successfully log in with
their new user IDs into the domain. However, when they try to access
our IIS 6.0-based ASP.NET applications that use Integrated Windows
Authentication, the IIS still recognizes them under their old user IDs
(???)

We tried to restart the IIS, but it did not help. We also asked users
to try from different workstations--same story. The client machines
have Win XP Pro.

What is the reason for that and how can it be fixed?

TIA!
 
J

Joe Kaplan

Have you rebooted the web servers? The LSA caches SIDs, so it is possible
that it is just going off a cached value.

It is also possible that the domain controller your web servers are talking
to have not picked up the replication of the name change yet, so the remote
call to do the name translation is still returning the old name.

This should eventually fix itself one way or the other unless you didn't
change the name the way you think you did. For example, you could have
changed the UPN in AD and then logged in with the new UPN but if you didn't
change the sAMAccountName as well, ASP.NET would continue to show the old
sAMAccountName in the username.

Joe K.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,484
Members
44,903
Latest member
orderPeak8CBDGummies

Latest Threads

Top