ESSO-LM Does Not Immediately Recognize a Password Change for a Credential Sharing Group (Doc ID 1308152.1)

Last updated on JUNE 20, 2017

Applies to:

Oracle Enterprise Single Sign-On Suite - Version: 11.1.1.2.0 and later   [Release: 11g and later ]
z*OBSOLETE: Microsoft Windows Vista x64 (64-bit)
z*OBSOLETE: Microsoft Windows Vista (32-bit)
Microsoft Windows x64 (64-bit) - OS Version: 7
Microsoft Windows (32-bit) - OS Version: 7

Goal


In Windows Vista and Windows 7, if a user's password is changed in Active Directory while the user is logged on, this change does not take effect immediately.

This is due to differences between Microsoft's security model for previous Windows operating systems and that of Windows Vista/Windows 7. Microsoft has removed the "NPPasswordChangeNotify" function that previously informed ESSO-LM of the need to refresh cached credentials, and therefore the local cached credentials are not updated.


This Microsoft change only affects users who are logged in when the administrator changes the password remotely. Administrators should always ensure that a user has logged off all client workstations before assigning a new password.

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms