Help required IIS 6.0 + OPENLDAP [Answered]RSS

1 reply

Last post Jun 01, 2010 06:14 AM by WenJun Zhang - MSFT

  • Help required IIS 6.0 + OPENLDAP

    May 25, 2010 03:05 PM|mohit.hotchandani|LINK

    Hi Team,

    I have a simple html page that is on a windows 2003 SP2 IIS 6.0 server. The page is using basic authentication and is making a call to a custom component using an OPENLDAP query which is authenticating the user. This works pretty smoothly.

    Now i have a requirement where i need to ensure that as soon as the user logs out of the application the account created in the AD should be deleted, and when i relogin again it should again run the ldap query and allow me to authenticate. So i performed the following tests

    1. Logged in to the application with basic authentication with the username "test"

    2. Logged out of the app and deleted the username "test"

    3. Recreated the same user "test" with the exact same password

    4. When i try to browse my htm page which makes a call to the LDAP query to authenticate it fails

    5. If i do an IISRESET and then try it works.

    So my hunch is that the credentials are being cached somewhere.

    Troubleshooting Done

    ==================

    1. tried with a new password the authentication works

    2. also reduced the value of UserTokenTTL value to 0 but that also did not help

    Could someone please help as this is an urgent issue.

    Thanks

    Mohit Hotchandani

  • Re: Help required IIS 6.0 + OPENLDAP

    Jun 01, 2010 06:14 AM|WenJun Zhang - MSFT|LINK

    Hi,

    There is new behavior since Win2K3 SP1 which also affects this. Please refer to:

    http://support.microsoft.com/kb/906305/en-us

    Furthermore will you accept restart worker process instead of IIS service to clear the cache? If so, you can recycle the app pool after delete the account.