user.identity.name returns old AD user name

[Antonio O''Neal]

We changed a username in AD. The user now logs on to a computer on our
network using the new username without any problems. They can not logon using
the old username. However, when they access a IIS 6.0 web site where a
programmer compares system.web.httpcontext.current.user.identity.name to a
lookup table containing usernames they could not gain access with the new
userid. We created a web page to show what
system.web.httpcontext.current.user.identity.name is returning. It is
returning their old username. If we put the old username in the table the
user may access the web site. The IIS site logs for the web site show the
new username for the user as he accesses the site. I have used adsiedit to
look at the user's information in AD. It shows only the new username through
out the the account parameters.

We also have a sharepoint 3.0 site that shows the user's old username when
he accesses that site.

What can I do so system.web.httpcontext.current.user.identity.name will
contain the new username for this renamed account?

Thank you,
Antonio

 

[Joe Kaplan]

Does the problem go away if you reboot the web server? It sounds like the
LSA on the web server has cached the username for this particular user's SID
and isn't actually going to a domain controller to look it up. I would
expect this cache is is memory and would get wiped out by a reboot. I would
also expect this problem to eventually go away.

The other possibility is that the web server is talking to a domain
controller that has not picked up the update yet via normal replication, but
that sounds less likely unless replication is weird/broken in this
environment.

Joe K.

 

[Antonio O''Neal]

Joe,

First, thank you for the quick response.

Rebooting did fix the issue on a test server. We were hoping to find
something we could do that would not require a reboot like clearing a cache
area. We have some kiosks that access a different web site on the same
server which sometimes have problems when we reboot this production server .
Is there anything else we can do?

 

[Joe Kaplan]

Unfortunately I have an imperfect understanding of the problem, so I'm not
sure.

This KB article seems relevant and has info on changing some cache behaviors
via registry settings, so you might try this to see if it works for you.

http://support.microsoft.com/kb/946358

Joe K.

 

[Antonio O''Neal]

Thank you! I will read it over.

Have a nice weekend!

 

[Antonio O''Neal]

Joe,

That fixed the problem. I did not even have to reboot for the change to
take effect.

Thank you,
Antonio