Hi,

Are you using AD or OpenLDAP? In Windows, even if you changed the password for
the LDAP user, the old password still works for a few seconds. It's a known issue. But
if it (the old password) is working after a few minutes (e.g. 1 hour), then please raise a bug.

Can you try your scenario in a private window of your browser (press Ctrl+Shift+P
in Firefox) without restarting the MS?

Regards
Sadhu






-----Original Message-----
From: Rene Moser [mailto:[email protected]] 
Sent: Monday, October 26, 2015 8:01 PM
To: [email protected]
Subject: Authentication with old LDAP passwords

ACS 4.5.1

Hi

We discovered an issue which can be security relevant and may also exist in 4.6.

We use LDAP for user authentication. Once a user is authenticated, it seems
this password will be cached on the CloudStack management server.

If the password has been changed on LDAP, the old password(s) still work for
authentication unless you restart the management server.

We didn't find a global setting related to this. Is this wanted?

Otherwise I would create a bug report.

Yours
René


