I've done a bit of searching and haven't found any answers to this problem. I apologize in advance if this has been brought up before (if it has, send me a link please).
I am using an active directory server to authenticate my drupal site. When I change the password for a user on the AD server, I can use both the old and new passwords to successfully log into the drupal site for a large period of time after changing the password. I've tried running cron, clearing the cache (using devel.module), and even restarting the browser and server and I can still log in with both passwords. I have the ldap_integration module set to use "LDAP directory only". The old password does seem to eventually stop working.
Is there a way to have the change take place immediately (or at least when the user next logs in) and/or not have two valid passwords at one time? Let me know if you need any more information about my setup.
Comments
Comment #1
rick.archibald commentedSubscribing - have the same issue.
Comment #2
johnbarclay commentedClosing 5.x issues to clean out issue queue.