SID-01298: User unable to login after Windows password expires

Status:	Answered	TWiki version:	5.0.2	Perl version:
Category:	LdapContrib	Server OS:		Last update:	13 years ago

A twiki user authenticated through Active Directory was suddenly unable to login and got a message 'oops unable to recognize user'

The users password in Windows had expired but the user had not yet changed it. When he restarted Windows and changed the password and logged in again, he could login again in TWiki.

Is there any way for LdapContrib to indicate that the password has expired, instead of the oops message?

-- RonMascarenhas - 2011-10-19

Discussion and Answer

The LdapContrib caches user credentials for speed. You can change the cache age in the configuration.

There is currently no automatic cache invalidation on invalid login. The contrib could be enhanced for that, it would need to be optional because depending on the size of your LDAP directory it can take many minutes to refresh the cache.

-- PeterThoeny - 2011-10-19

PS: The contrib has a way to refresh the cache from the browser. You could add a cache refresh button to the failed login page.

-- PeterThoeny - 2011-10-19

After the problem occured, the cache age was set to 2 mins but the user still could not login after an hour.

-- RonMascarenhas - 2011-10-20

Closing this question after more than 30 days of inactivity. Feel free to reopen if needed. Consider engaging one of the TWiki consultants if you need timely help. We invite you to get involved with the community, it is more likely you get community support if you support the open source project!

-- PeterThoeny - 2012-01-23

If you answer a question - or someone answered one of your questions - please remember to edit the page and set the status to answered. The status selector is below the edit box.