Problem authenticating against renamed Active Directory account

Discussion in 'ASP .Net Security' started by Alan Lambert, Feb 10, 2009.

  1. Alan Lambert

    Alan Lambert Guest

    I've got a web (intranet) application that uses windows authentication. Once
    a user has connected the application picks up their username and looks up
    details in a database using the username as a key.

    The username is got from the following:

    ((WindowsPrincipal)Page.User).Identity.Name

    This works fine for everyone but a problem has recently cropped up. One
    person's AD account has recently been renamed.
    e.g. It was originally MYDOMAIN\JohnSmith and it is now MYDOMAIN\JohnJones

    Although the user can log on using MYDOMAIN\JohnJones the username resolves
    to MYDOMAIN\JohnSmith i.e. the original name.

    Is there a bug in the security api? Why is this occurring and how do I fix
    it?

    Thanks in advance for your help

    Alan
     
    Alan Lambert, Feb 10, 2009
    #1

  2. Alan Lambert

    Joe Kaplan Guest

    There was a discussion about this very problem recently. It seems to have
    to do with caching in the LSA. If rebooting the server doesn't flush the
    cache, you can adjust the behavior by changing a registry key. Do a few
    searches and you should find the relevant details.
     
    Joe Kaplan, Feb 10, 2009
    #2

  3. Alan Lambert

    Alan Lambert Guest

    Joe, Allen

    Many thanks to both of you for your help.

    Alan
     
    Alan Lambert, Feb 11, 2009
    #3
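
The lookup in the first post keys on the `DOMAIN\user` string, which is the value that goes stale after a rename. The C# below is an added example, not code from the thread: it keys on the account SID (`WindowsIdentity.User`), which is unchanged by a rename, and uses the resolved name for display only. `UserKey`, `Demo` and the in-memory `Profiles` table are hypothetical names, and the code does not change the LSA caching behaviour mentioned in the second post.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Principal;

public static class UserKey
{
    // Stable database key: the SID string ("S-1-5-21-..."), not DOMAIN\user.
    // In an ASP.NET page the identity would be (WindowsIdentity)Page.User.Identity.
    public static string FromIdentity(WindowsIdentity identity)
    {
        if (identity == null || !identity.IsAuthenticated || identity.User == null)
            throw new InvalidOperationException("No authenticated Windows identity.");
        return identity.User.Value;
    }

    // Display name only. SID-to-name translation goes through the same
    // name lookup as Identity.Name, so it may also show the old name
    // for a while after a rename; never use it as a key.
    public static string DisplayName(WindowsIdentity identity)
    {
        try
        {
            return identity.User.Translate(typeof(NTAccount)).Value;
        }
        catch (IdentityNotMappedException)
        {
            return identity.Name; // fall back to whatever the token reports
        }
    }
}

public static class Demo
{
    // Hypothetical stand-in for the application's user table, keyed by SID.
    private static readonly Dictionary<string, string> Profiles =
        new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase);

    public static void Main()
    {
        using (WindowsIdentity me = WindowsIdentity.GetCurrent())
        {
            string key = UserKey.FromIdentity(me);
            Profiles[key] = "profile for " + UserKey.DisplayName(me);

            // A later request after a rename presents the same SID,
            // so the lookup still finds the row.
            Console.WriteLine("{0} -> {1}", key, Profiles[key]);
        }
    }
}
```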
