No announcement yet.

AD accepting multiple passwords

  • Filter
  • Time
  • Show
Clear All
new posts

  • AD accepting multiple passwords

    Has anyone else ran into this?

    We are running 2003 AD and have a third party portal that authenticates our users through a LDAP bind.

    We have noticed that when a user changes his Windows password he can no longer log into windows with the old password but he can still log into the portal for approximately 1 hour using the old password.

    Under further review, we have discovered that the user can also bind using Softerra to AD using either the new or the old Windows password within 1 hour of changing it.

    This would make it appear as if AD is caching the old password and is allowing some sort of authentication to both passwords.

    Anyone else ran into this and if so what is going on and how do you prevent this from happening?


  • #2
    Re: AD accepting multiple passwords

    It may have something to do with your AD replication. Are the users and the DC's all on the same subnet? Are the DC's all on the same subnet? Have you checked AD replication lately to make sure it's working correctly?