[prev in list] [next in list] [prev in thread] [next in thread]
List: pamldap
Subject: Re: [pamldap] does pam_ldap password cache
From: Timo Veith <tv () rz ! fh-kl ! de>
Date: 2006-04-26 14:04:06
Message-ID: 200604261604.06960.tv () rz ! fh-kl ! de
[Download RAW message or body]
Am Dienstag 25 April 2006 18:06 schrieb Andrew Morgan:
> On Tue, 25 Apr 2006, Timo Veith wrote:
> > Hi pamldap readers,
> >
> > we have the following setup:
> >
> > saslauthd -> pam -> pam_ldap -> Active Directory
> >
> > cyrus-sasl-2.1.21
> > pam-0.78
> > pam_ldap-180
> > openldap-2.2.28
> >
> > When our users change their passwords, the old password is still
> > valid for about an hour or so. The new one also works, but it's a
> > little misleading if you have saved your old password in your email
> > client in still works until it somehow expires.
> >
> > I guess there is some cache somewhere in between. Our AD admin tells
> > me that passwords get replicated directly. I also tried it with
> > direct ldap binds (without pam) and the old password isn't working
> > there. So it must be some other cache somewhere.
> >
> > I don't have nscd running. Is there any other cache that I should
> > know of?
>
> saslauthd has the following parameters on my systems:
>
> -c Enable cacheing of authentication credentials
>
> -t timeout
> Use timeout as the expiration time of the authentication
> cache (in seconds)
>
>
> Perhaps you have the saslauthd cache enabled somehow?
>
> Andy
Hi,
it turned out that some Microsoft employees who must have smoked some bad
sh** have to be blamed for this.
Check this out:
http://support.microsoft.com/kb/906305/en-us
Thanks for your replies and regards
Timo
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic