Re: AD user name changed, IIS still sees old user name
From: Aaron (Aaron_at_discussions.microsoft.com)
Date: 03/30/05
- Next message: sun: "turn this off NTAuthenticationProviders : (STRING) "Negotiate,NTLM"
- Previous message: WenJun Zhang[msft]: "Re: Consuming ASP.NET Web Service"
- In reply to: David Wang [Msft]: "Re: AD user name changed, IIS still sees old user name"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 30 Mar 2005 06:33:06 -0800
Any other ideas? We really need to resolve this issue. We cannot go around
rebooting all the servers in our environment everytime we have to change a
user's logon username. Please help.
Thanks,
Aaron
"David Wang [Msft]" wrote:
> Did you change the user's name, user's SID, or both?
>
> IIS definitely caches user tokens for performance reasons (can't be hitting
> the DC on every single request...), and since the DC doesn't tell IIS when
> such AD data changes, you'll have to do it yourself. Restarting IIS (either
> recycling the ApplicationPool or W3SVC service) should be sufficient to
> clear out the user tokens. I also believe IIS refreshes such user tokens
> after 15 minutes or so, so unless you are in a hurry, things should just
> magically work.
>
> Now, ASP.Net/.Net Framework may do its own caching, and since
> Context.User.Identity is within ASP.Net, you will need to make sure their
> caches are cleared as well.
>
> --
> //David
> IIS
> http://blogs.msdn.com/David.Wang
> This posting is provided "AS IS" with no warranties, and confers no rights.
> //
- Next message: sun: "turn this off NTAuthenticationProviders : (STRING) "Negotiate,NTLM"
- Previous message: WenJun Zhang[msft]: "Re: Consuming ASP.NET Web Service"
- In reply to: David Wang [Msft]: "Re: AD user name changed, IIS still sees old user name"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
