Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Security > user.identity.name returns old AD user name

Reply
Thread Tools

user.identity.name returns old AD user name

 
 
Antonio O''Neal
Guest
Posts: n/a
 
      10-31-2008
We changed a username in AD. The user now logs on to a computer on our
network using the new username without any problems. They can not logon using
the old username. However, when they access a IIS 6.0 web site where a
programmer compares system.web.httpcontext.current.user.identity.name to a
lookup table containing usernames they could not gain access with the new
userid. We created a web page to show what
system.web.httpcontext.current.user.identity.name is returning. It is
returning their old username. If we put the old username in the table the
user may access the web site. The IIS site logs for the web site show the
new username for the user as he accesses the site. I have used adsiedit to
look at the user's information in AD. It shows only the new username through
out the the account parameters.

We also have a sharepoint 3.0 site that shows the user's old username when
he accesses that site.

What can I do so system.web.httpcontext.current.user.identity.name will
contain the new username for this renamed account?

Thank you,
Antonio


 
Reply With Quote
 
 
 
 
Joe Kaplan
Guest
Posts: n/a
 
      10-31-2008
Does the problem go away if you reboot the web server? It sounds like the
LSA on the web server has cached the username for this particular user's SID
and isn't actually going to a domain controller to look it up. I would
expect this cache is is memory and would get wiped out by a reboot. I would
also expect this problem to eventually go away.

The other possibility is that the web server is talking to a domain
controller that has not picked up the update yet via normal replication, but
that sounds less likely unless replication is weird/broken in this
environment.

Joe K.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"Antonio O''Neal" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> We changed a username in AD. The user now logs on to a computer on our
> network using the new username without any problems. They can not logon
> using
> the old username. However, when they access a IIS 6.0 web site where a
> programmer compares system.web.httpcontext.current.user.identity.name to a
> lookup table containing usernames they could not gain access with the new
> userid. We created a web page to show what
> system.web.httpcontext.current.user.identity.name is returning. It is
> returning their old username. If we put the old username in the table the
> user may access the web site. The IIS site logs for the web site show the
> new username for the user as he accesses the site. I have used adsiedit
> to
> look at the user's information in AD. It shows only the new username
> through
> out the the account parameters.
>
> We also have a sharepoint 3.0 site that shows the user's old username when
> he accesses that site.
>
> What can I do so system.web.httpcontext.current.user.identity.name will
> contain the new username for this renamed account?
>
> Thank you,
> Antonio
>
>



 
Reply With Quote
 
 
 
 
Antonio O''Neal
Guest
Posts: n/a
 
      10-31-2008
Joe,

First, thank you for the quick response.

Rebooting did fix the issue on a test server. We were hoping to find
something we could do that would not require a reboot like clearing a cache
area. We have some kiosks that access a different web site on the same
server which sometimes have problems when we reboot this production server .
Is there anything else we can do?

"Joe Kaplan" wrote:

> Does the problem go away if you reboot the web server? It sounds like the
> LSA on the web server has cached the username for this particular user's SID
> and isn't actually going to a domain controller to look it up. I would
> expect this cache is is memory and would get wiped out by a reboot. I would
> also expect this problem to eventually go away.
>
> The other possibility is that the web server is talking to a domain
> controller that has not picked up the update yet via normal replication, but
> that sounds less likely unless replication is weird/broken in this
> environment.
>
> Joe K.
> --
> Joe Kaplan-MS MVP Directory Services Programming
> Co-author of "The .NET Developer's Guide to Directory Services Programming"
> http://www.directoryprogramming.net
> --
> "Antonio O''Neal" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
> > We changed a username in AD. The user now logs on to a computer on our
> > network using the new username without any problems. They can not logon
> > using
> > the old username. However, when they access a IIS 6.0 web site where a
> > programmer compares system.web.httpcontext.current.user.identity.name to a
> > lookup table containing usernames they could not gain access with the new
> > userid. We created a web page to show what
> > system.web.httpcontext.current.user.identity.name is returning. It is
> > returning their old username. If we put the old username in the table the
> > user may access the web site. The IIS site logs for the web site show the
> > new username for the user as he accesses the site. I have used adsiedit
> > to
> > look at the user's information in AD. It shows only the new username
> > through
> > out the the account parameters.
> >
> > We also have a sharepoint 3.0 site that shows the user's old username when
> > he accesses that site.
> >
> > What can I do so system.web.httpcontext.current.user.identity.name will
> > contain the new username for this renamed account?
> >
> > Thank you,
> > Antonio
> >
> >

>
>
>

 
Reply With Quote
 
Joe Kaplan
Guest
Posts: n/a
 
      10-31-2008
Unfortunately I have an imperfect understanding of the problem, so I'm not
sure.

This KB article seems relevant and has info on changing some cache behaviors
via registry settings, so you might try this to see if it works for you.

http://support.microsoft.com/kb/946358

Joe K.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"Antonio O''Neal" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Joe,
>
> First, thank you for the quick response.
>
> Rebooting did fix the issue on a test server. We were hoping to find
> something we could do that would not require a reboot like clearing a
> cache
> area. We have some kiosks that access a different web site on the same
> server which sometimes have problems when we reboot this production server
> .
> Is there anything else we can do?
>
> "Joe Kaplan" wrote:
>
>> Does the problem go away if you reboot the web server? It sounds like
>> the
>> LSA on the web server has cached the username for this particular user's
>> SID
>> and isn't actually going to a domain controller to look it up. I would
>> expect this cache is is memory and would get wiped out by a reboot. I
>> would
>> also expect this problem to eventually go away.
>>
>> The other possibility is that the web server is talking to a domain
>> controller that has not picked up the update yet via normal replication,
>> but
>> that sounds less likely unless replication is weird/broken in this
>> environment.
>>
>> Joe K.
>> --
>> Joe Kaplan-MS MVP Directory Services Programming
>> Co-author of "The .NET Developer's Guide to Directory Services
>> Programming"
>> http://www.directoryprogramming.net
>> --
>> "Antonio O''Neal" <(E-Mail Removed)> wrote in
>> message
>> news:(E-Mail Removed)...
>> > We changed a username in AD. The user now logs on to a computer on our
>> > network using the new username without any problems. They can not logon
>> > using
>> > the old username. However, when they access a IIS 6.0 web site where a
>> > programmer compares system.web.httpcontext.current.user.identity.name
>> > to a
>> > lookup table containing usernames they could not gain access with the
>> > new
>> > userid. We created a web page to show what
>> > system.web.httpcontext.current.user.identity.name is returning. It is
>> > returning their old username. If we put the old username in the table
>> > the
>> > user may access the web site. The IIS site logs for the web site show
>> > the
>> > new username for the user as he accesses the site. I have used
>> > adsiedit
>> > to
>> > look at the user's information in AD. It shows only the new username
>> > through
>> > out the the account parameters.
>> >
>> > We also have a sharepoint 3.0 site that shows the user's old username
>> > when
>> > he accesses that site.
>> >
>> > What can I do so system.web.httpcontext.current.user.identity.name
>> > will
>> > contain the new username for this renamed account?
>> >
>> > Thank you,
>> > Antonio
>> >
>> >

>>
>>
>>



 
Reply With Quote
 
Antonio O''Neal
Guest
Posts: n/a
 
      10-31-2008
Thank you! I will read it over.

Have a nice weekend!

"Joe Kaplan" wrote:

> Unfortunately I have an imperfect understanding of the problem, so I'm not
> sure.
>
> This KB article seems relevant and has info on changing some cache behaviors
> via registry settings, so you might try this to see if it works for you.
>
> http://support.microsoft.com/kb/946358
>
> Joe K.
> --
> Joe Kaplan-MS MVP Directory Services Programming
> Co-author of "The .NET Developer's Guide to Directory Services Programming"
> http://www.directoryprogramming.net
> --
> "Antonio O''Neal" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
> > Joe,
> >
> > First, thank you for the quick response.
> >
> > Rebooting did fix the issue on a test server. We were hoping to find
> > something we could do that would not require a reboot like clearing a
> > cache
> > area. We have some kiosks that access a different web site on the same
> > server which sometimes have problems when we reboot this production server
> > .
> > Is there anything else we can do?
> >
> > "Joe Kaplan" wrote:
> >
> >> Does the problem go away if you reboot the web server? It sounds like
> >> the
> >> LSA on the web server has cached the username for this particular user's
> >> SID
> >> and isn't actually going to a domain controller to look it up. I would
> >> expect this cache is is memory and would get wiped out by a reboot. I
> >> would
> >> also expect this problem to eventually go away.
> >>
> >> The other possibility is that the web server is talking to a domain
> >> controller that has not picked up the update yet via normal replication,
> >> but
> >> that sounds less likely unless replication is weird/broken in this
> >> environment.
> >>
> >> Joe K.
> >> --
> >> Joe Kaplan-MS MVP Directory Services Programming
> >> Co-author of "The .NET Developer's Guide to Directory Services
> >> Programming"
> >> http://www.directoryprogramming.net
> >> --
> >> "Antonio O''Neal" <(E-Mail Removed)> wrote in
> >> message
> >> news:(E-Mail Removed)...
> >> > We changed a username in AD. The user now logs on to a computer on our
> >> > network using the new username without any problems. They can not logon
> >> > using
> >> > the old username. However, when they access a IIS 6.0 web site where a
> >> > programmer compares system.web.httpcontext.current.user.identity.name
> >> > to a
> >> > lookup table containing usernames they could not gain access with the
> >> > new
> >> > userid. We created a web page to show what
> >> > system.web.httpcontext.current.user.identity.name is returning. It is
> >> > returning their old username. If we put the old username in the table
> >> > the
> >> > user may access the web site. The IIS site logs for the web site show
> >> > the
> >> > new username for the user as he accesses the site. I have used
> >> > adsiedit
> >> > to
> >> > look at the user's information in AD. It shows only the new username
> >> > through
> >> > out the the account parameters.
> >> >
> >> > We also have a sharepoint 3.0 site that shows the user's old username
> >> > when
> >> > he accesses that site.
> >> >
> >> > What can I do so system.web.httpcontext.current.user.identity.name
> >> > will
> >> > contain the new username for this renamed account?
> >> >
> >> > Thank you,
> >> > Antonio
> >> >
> >> >
> >>
> >>
> >>

>
>
>

 
Reply With Quote
 
Antonio O''Neal
Guest
Posts: n/a
 
      11-03-2008
Joe,

That fixed the problem. I did not even have to reboot for the change to
take effect.

Thank you,
Antonio

"Joe Kaplan" wrote:

> Unfortunately I have an imperfect understanding of the problem, so I'm not
> sure.
>
> This KB article seems relevant and has info on changing some cache behaviors
> via registry settings, so you might try this to see if it works for you.
>
> http://support.microsoft.com/kb/946358
>
> Joe K.
> --
> Joe Kaplan-MS MVP Directory Services Programming
> Co-author of "The .NET Developer's Guide to Directory Services Programming"
> http://www.directoryprogramming.net
> --
> "Antonio O''Neal" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
> > Joe,
> >
> > First, thank you for the quick response.
> >
> > Rebooting did fix the issue on a test server. We were hoping to find
> > something we could do that would not require a reboot like clearing a
> > cache
> > area. We have some kiosks that access a different web site on the same
> > server which sometimes have problems when we reboot this production server
> > .
> > Is there anything else we can do?
> >
> > "Joe Kaplan" wrote:
> >
> >> Does the problem go away if you reboot the web server? It sounds like
> >> the
> >> LSA on the web server has cached the username for this particular user's
> >> SID
> >> and isn't actually going to a domain controller to look it up. I would
> >> expect this cache is is memory and would get wiped out by a reboot. I
> >> would
> >> also expect this problem to eventually go away.
> >>
> >> The other possibility is that the web server is talking to a domain
> >> controller that has not picked up the update yet via normal replication,
> >> but
> >> that sounds less likely unless replication is weird/broken in this
> >> environment.
> >>
> >> Joe K.
> >> --
> >> Joe Kaplan-MS MVP Directory Services Programming
> >> Co-author of "The .NET Developer's Guide to Directory Services
> >> Programming"
> >> http://www.directoryprogramming.net
> >> --
> >> "Antonio O''Neal" <(E-Mail Removed)> wrote in
> >> message
> >> news:(E-Mail Removed)...
> >> > We changed a username in AD. The user now logs on to a computer on our
> >> > network using the new username without any problems. They can not logon
> >> > using
> >> > the old username. However, when they access a IIS 6.0 web site where a
> >> > programmer compares system.web.httpcontext.current.user.identity.name
> >> > to a
> >> > lookup table containing usernames they could not gain access with the
> >> > new
> >> > userid. We created a web page to show what
> >> > system.web.httpcontext.current.user.identity.name is returning. It is
> >> > returning their old username. If we put the old username in the table
> >> > the
> >> > user may access the web site. The IIS site logs for the web site show
> >> > the
> >> > new username for the user as he accesses the site. I have used
> >> > adsiedit
> >> > to
> >> > look at the user's information in AD. It shows only the new username
> >> > through
> >> > out the the account parameters.
> >> >
> >> > We also have a sharepoint 3.0 site that shows the user's old username
> >> > when
> >> > he accesses that site.
> >> >
> >> > What can I do so system.web.httpcontext.current.user.identity.name
> >> > will
> >> > contain the new username for this renamed account?
> >> >
> >> > Thank you,
> >> > Antonio
> >> >
> >> >
> >>
> >>
> >>

>
>
>

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
[os.path.join(r'E:\Python', name) for name in []] returns [] iMath Python 9 01-30-2013 02:17 AM
Re: [os.path.join(r'E:\Python', name) for name in []] returns [] Jean-Michel Pichavant Python 0 01-29-2013 01:33 PM
HttpContext.Current.User returns old user id Dwight Johnson ASP .Net 1 02-28-2010 10:51 AM
print("my name is {name}, and {age}-year old {gender}", name, age, gender); =?iso-8859-1?B?bW9vcJk=?= Java 7 01-02-2006 04:39 PM
New window.name value doesn't stick. Old value returns unless the window is refreshed Diana Javascript 1 04-06-2004 12:09 AM



Advertisments