KB 170049: IDENTIKEY Authentication Server LDAP backend authentication fails after renaming a user in Active Directory.
1/3/2018 4:52:16 PM
After a user is renamed in Active Directory, LDAP backend authentication on Windows Server 2012 from IDENTIKEY Authentication Server (IAS) fails. This is because Microsoft has enhanced its security on the sAMAccountName, which IAS uses for the LDAP bind.
A solution for this issue is to configure the LDAP backend authentication on IAS with LDAP SSL.
With LDAP SSL, the Distinguished Name is used for the bind, which is not impacted by the Microsoft enhancement.
A procedure to configure LDAP SSL backend authentication on IAS is explained in KB 1500093.
A quick workaround is to reset the Active Directory password after renaming the user. This will rehash the password in Active Directory and backend authentication will work again.
Applies to: IDENTIKEY Authentication Server
KB 170049 – 3/01/2018
© 2018 VASCO Data Security. All rights reserved.