cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marty Godsey <ma...@gonsource.com>
Subject RE: LDAP (Active Directory) password concerns
Date Mon, 01 Aug 2016 06:32:35 GMT
The password has been changed. If I try to log onto a machine in the domain with the old password
it tells me the password is incorrect. If I use the new one, it logs me into the machine.
There are only three accounts in the ACS instance: admin, bare-metal and testallow. Testallow
is the LDAP account.


Regards,
Marty Godsey

-----Original Message-----
From: ilya [mailto:ilya.mailing.lists@gmail.com] 
Sent: Monday, August 1, 2016 2:29 AM
To: users@cloudstack.apache.org
Subject: Re: LDAP (Active Directory) password concerns

Do you happen to have local account as well as ldap account set?

It usually follows one authentication method (ldap) followed by another (local). Please confirm
the passwords are different.

I will be testing ldap this week and will let you know if i see this issue. I've used it in
past, I'd be surprised to see this behavoiur, last i recall, we dont cache - and do a lookup
to LDAP each time user tries to authenticate.. You should see this in the logs..


Regards,
ilya

On 7/31/16 11:01 PM, Marty Godsey wrote:
> Hello,
> 
> I have a lab CloudStack that is authenticating to an active directory and it works great
accept one thing. If I change the password on the AD user, ACS still allows the user to log
into the ACS portal with the old AND the new password...
> 
> Is there a refresh interval for LDAP accounts? Does it store a hash in the ACS database?
Did I miss a setting?
> 
> Regards,
> Marty Godsey
> 
> 

Mime
View raw message