Filing a bug report
On 10/27/2015 09:19 AM, Rene Moser wrote:
> Hi
>
> On 10/27/2015 06:55 AM, Rajani Karuturi wrote:
>> ACS doesnt cache passwords. Everytime, the authentication requests goes to
>> the LDAP server.
>
> This is what I expected, but our test results showing the opposite.
>
> Whi
Hi
On 10/27/2015 06:55 AM, Rajani Karuturi wrote:
> ACS doesnt cache passwords. Everytime, the authentication requests goes to
> the LDAP server.
This is what I expected, but our test results showing the opposite.
While the old password didn't work ldap anymore, it did work on
CloudStack. Even o
Hi
On 10/27/2015 05:08 AM, Suresh Sadhu wrote:
> HI,
>
> Are you using AD or open LDAP.
OpenLDAP
ACS doesnt cache passwords. Everytime, the authentication requests goes to
the LDAP server.
In case of Microsoft AD, this is a AD feature. It allows authentication for
certain period of time. Default lifetime period for an old password is 60
minutes.
more details at https://support.microsoft.com/en
cntl+shift+p in firefox
browser)of your browser without restarting the MS.
Regards
Sadhu
-Original Message-
From: Rene Moser [mailto:[email protected]]
Sent: Monday, October 26, 2015 8:01 PM
To: [email protected]
Subject: Authentication with old LDAP passwords
ACS 4.5.1
ACS 4.5.1
Hi
We discovered an issue which can be security relevant and may also exist
in 4.6.
We use LDAP for user authentication, once a user is authenticated, it
seems this password will be cached on cloudstack management.
If the password has been changed on LDAP, the old password(s) still
wo
