Re: IIS Digest Authentication and Domain Password Changes
- From: "Ken Schaefer" <kenREMOVE@xxxxxxxxxxxxxxxxxxxx>
- Date: Sat, 9 Feb 2008 17:19:28 +1100
Hi,
IIS just uses the underlying Windows security infrastructure. So IIS will contact a local DC to authenticate the user. If the DC thinks that the password is incorrect, it will contact the PDCe FSMO role holder to check, before telling IIS that the password is, indeed, incorrect.
Cheers
Ken
"Joe Cormane" <nobody@xxxxxxxxxxx> wrote in message news:eIO9lRnaIHA.4712@xxxxxxxxxxxxxxxxxxxxxxx
I have a security scenario where people in remote offices change their passwords then attempt to connect to an IIS-hosted application at my site before the replication interval. I know that windows polls the PDC emulator to see if password changes have occurred, however, I wasn't sure if IIS does the same thing or if it could be configured to do so. Currently we are using Digest authentication. No realm is specified if that makes a difference.
I just want to ensure that the remote users don't end up locked-out in the event that they have changed passwords and get impatient. I also don't want to force a bunch of unnecessary replication just for an event that occurs once every 90 days.
.
- References:
- IIS Digest Authentication and Domain Password Changes
- From: Joe Cormane
- IIS Digest Authentication and Domain Password Changes
- Prev by Date: Re: Migration to new hardware
- Next by Date: Re: Howto refresh IIS 6 Application pool identity credential info ?
- Previous by thread: IIS Digest Authentication and Domain Password Changes
- Next by thread: Re: Howto refresh IIS 6 Application pool identity credential info ?
- Index(es):
Relevant Pages
|
