On 23/07/2010 10:36, OSHIM wrote:
hi all,
i configured two systems for OpenLDAP authentication with MS AD, I have used
SASLauthd between them. one is on debian and another one is on centos.
But I am getting a strange problem. If I change my user password on MS AD then
OpenLDAP on debian can authenticate the old passwd and the new passwd, after 1
hr the old passwd does npt get valid.
and on centos Openldap can recognize the new passwd of MS AD if I change the
user passwd twice at a time then the old passwd does not get valid.
Anyone have got this problem? Any solution? Please help.
While this is really not related to OpenLDAP, I can tell you that this
is a "feature" in Active Directory - it keeps the old password valid for
one hour (by default, it's configurable).
This, and other weirdness, is described at:
http://lsc-project.org/wiki/documentation/1.2/howtos/activedirectory#pitfalls
Jonathan
--
--------------------------------------------------------------
Jonathan Clarke - [email protected]
--------------------------------------------------------------
Ldap Synchronization Connector (LSC) - http://lsc-project.org
--------------------------------------------------------------
