iis security: IIS Digest Authentication and Domain Password Changes -- iis security

IIS Digest Authentication and Domain Password Changes

Joe Cormane
2/8/2008 11:02:32 AM

iis security:

I have a security scenario where people in remote offices change their
passwords then attempt to connect to an IIS-hosted application at my site
before the replication interval. I know that windows polls the PDC emulator
to see if password changes have occurred, however, I wasn't sure if IIS does
the same thing or if it could be configured to do so. Currently we are
using Digest authentication. No realm is specified if that makes a
difference.

I just want to ensure that the remote users don't end up locked-out in the
event that they have changed passwords and get impatient. I also don't want
to force a bunch of unnecessary replication just for an event that occurs
once every 90 days.

Re: IIS Digest Authentication and Domain Password Changes

Ken Schaefer
2/9/2008 5:19:28 PM

Hi,

IIS just uses the underlying Windows security infrastructure. So IIS will
contact a local DC to authenticate the user. If the DC thinks that the
password is incorrect, it will contact the PDCe FSMO role holder to check,
before telling IIS that the password is, indeed, incorrect.

Cheers
Ken

[quoted text, click to view]

Got something to say? Click here to post a reply to this thread.

Don't see what you're looking for? Try a search.

View other messages in the iis security group.