Skip to main content

User.Identity returns old login name after name change

When a person gets married or makes a name change for some other reason this usually means that the login name for the Active Directory-account changes as well. This is rarely a problem, but it turned out to cause some issues on our web server, where the User.Identity property was still returning the old login name.

The user logged on with the new login name, but was identified by the web application as the old login name. The reason this occurs is because the User.Identity property relies on the LsaLookupSids method to convert the user SID to a login name. The method first calls the local LSA-cache, which is not synchronized with the Active Directory.

For this purpose a simple reboot of the web server to clear the LSA-cache propably would have sufficed. But since we didn't want to take the application offline rebooting was not an option. Instead, it is possible to set the registry value LsaLookupCacheMaxSize in HKLM\SYSTEM\CurrentControlSet\Control\Lsa. If this value is set to 0 the LSA-cache is cleared. It is recommended that the setting is reset after the cache is cleared, since the main purpose of the LSA-cache is to enhance performance.

Read more about this issue and the solution here: http://support.microsoft.com/kb/946358

Comments

Popular posts from this blog

The Cornball goes to Brunch with Chaplin

Lately I've been working pretty hard on different projects but not really stumbling upon anything blogworthy. The most recent project is quite interesting though, a single page, touch friendly, web application using the latest and greatest technologies. We've ended up with using Brunch with Chaplin , which is a very neat way of setting up a Backbone based single page web project with Brunch and Chaplin . Aside from this, I have my own little project that has lived on for almost 15 years already, The Cornball . From being a plain Windows application written i C an Win32 API, it has been ported to .NET using WPF, and is currently a Silverlight application hosted on Windows Azure. I could not find a better time to reanimate this project and create a new web based version, touch friendly, super optimized, awesome in any way. So I did... So please follow my journey at Github . It's going to take a while, I assure you, but I already have some ground work done. Meanwhile,...

Bindable RichTextBox with HTML conversion in WPF

In WPF , the RichTextBox  control is not really like other controls. Due to its flexible nature, there is no built in way of binding a property to the content. In this case, I wanted a simple  RichTextBox  control with a binding to an HTML formatted string to be able to use the built-in formatting features of the  RichTextBox  and allow users to create simple HTML formatted content. First, doing the conversion on-the-fly proved to have major performance issues, so I ended up binding the content to a XAML string. The XAML to HTML conversion can be performed at any time. I created a UserControl with a bindable Text-property. The view contains a  RichTextBox  control. <RichTextBox x:Name="richTextBox" TextChanged="OnRichTextBoxChanged"> The source code for the user control contains the Text property and the methods to handle the binding. public static readonly DependencyProperty TextProperty = DependencyProperty.Register( "Te...

Using ASP.NET MVC with MEF

I wrote this post almost a year ago, but never published it for some reason. Anyway, here is a little MVC/MEF magic. By default a controller in MVC must have a parameterless constructor. When using MEF a good practice is to inject the services via constructor parameters. These two in combination obviously creates an issue where the following scenario will not work out of the box, since there is no parameterless constructor for  MVC  to use. Note that the PartCreationPolicy is set to NonShared since a new controller have to be initialized for each request. [Export] [PartCreationPolicy(CreationPolicy.NonShared)] public class HomeController : Controller {     private readonly IServiceClient _service;     [ImportingConstructor]     public HomeController(IServiceClient service)     {         _service = service;     }     public ActionResult Index()     {         ...