Sorry for the late reply - the user wasn't in yesterday, so i couldn't
confirm the effectiveness of the iisreset - but it wasn't...
According to the dev, the web sites use two different methods to
gather the ID from the user:
string PageUserName = Page.User.Identity.Name.Replace("EXAMPLE\\", "");
and
string HttpContextCurrentUser =
HttpContext.Current.User.Identity.Name.Replace("EXAMPLE\\", "");
How it validates that against AD I don't know.
I'm going to install Fiddler on the user's machine tmorrow, and see if
that can tell me anything.
And, I'm beginning to wonder if there's something that's cached in her
local profile that's gone worng [sic].
Kurt
On Fri, Sep 15, 2017 at 5:08 PM, Michael B. Smith <[email protected]> wrote:
> Then what's the query?
>
> -----Original Message-----
> From: [email protected] [mailto:[email protected]]
> On Behalf Of Kurt Buff
> Sent: Friday, September 15, 2017 8:01 PM
> To: ntsysadm
> Subject: Re: [NTSysADM] Odd problems with account display after name change
>
> No, I'm not sure the app isn't caching - this despite the web developer's
> assertion that it's a direct query to AD for each login.
>
> I'm going to do an iisreset this weekend, and see if that resolves the
> problem.
>
> Kurt
>
> On Fri, Sep 15, 2017 at 4:18 PM, Brian Desmond <[email protected]> wrote:
>> Seems unlikely. Are you sure the app isn't caching something locally?
>>
>> Thanks,
>> Brian Desmond
>>
>> w – 312.625.1438 | c – 312.731.3132
>>
>> -----Original Message-----
>> From: [email protected]
>> [mailto:[email protected]] On Behalf Of Kurt Buff
>> Sent: Friday, September 15, 2017 6:03 PM
>> To: ntsysadm <[email protected]>
>> Subject: [NTSysADM] Odd problems with account display after name
>> change
>>
>> All,
>>
>> I've got a couple of questions, but first what I'm seeing.
>>
>> One of our users went through a name change this week (from jmounts to
>> jmartin), and now she's seeing her old ID on a couple of internally
>> developed web sites (we show who's logged in on the landing page for each of
>> them) that get permissions from AD.
>>
>> I've looked over her account briefly (get-aduser -properties*), and see a
>> couple of places that still show the old ID:
>>
>> legacyExchangeDN : /o=Exampe/ou=US/cn=Recipients/cn=JMounts
>> msExchADCGlobalNames :
>> EX5:cn=JMounts,cn=Recipients,ou=US,o=Example:organizationalperson$pers
>> on$top0000000041538F7E51E1C701}
>>
>> The second one above also has NT5 and FOREST entries.
>>
>> I also see these entries:
>>
>> ProxyAddresses X400:c=US;a= ;p=Example;o=US;s=Mounts;g=Jill;
>>
>> along with her smtp and sip addresses, and
>>
>> textEncodedORAddress : X400:C=US;A= ;P=Zetron;O=ZETUS;S=Mounts;G=Jill;
>>
>> But since they don't show jmounts, I don't think they play a role here.
>>
>> So, the question:
>> 1) would any of these fields be picked up by the web sites? Doesn't seem
>> likely to me.
>>
>> 2) Is there any other place I should be looking to track this down?
>>
>> Kurt
>>
>>
>
>
