| Welcome to LawsonTalk. We hope you enjoy your visit. You're currently viewing our forum as a guest. This means you are limited to certain areas of the board and there are some features you can't use. If you join our community, you'll be able to access member-only sections, and use many member-only features such as customizing your profile, sending personal messages, and voting in polls. Registration is simple, fast, and completely free. After registration, please check your e-mail within 24 hours for an message from us, read it, and reply to it. Join our community! If you're already a member please log in to your account to access all of our features: |
| Password change takes a long time to take effect | |
|---|---|
| Topic Started: Jun 1 2009, 08:22 AM (303 Views) | |
| hremail11 | Jun 1 2009, 08:22 AM Post #1 |
|
Member
  ![]](http://209.85.48.22/static/1/pip_r.png)
|
I'm trying to see if others are having this issue: If I change a user's password (e.g., their SSOP password via Security Administrator->Identities->SSOP->password), it takes several minutes to actually take effect. What is happening? Is there a way to speed up this process? Clearing the IOS cache does not appear to have any impact on the speed of this process. |
 |
 
|
| schroncd | Jun 8 2009, 05:43 AM Post #2 |
Lawson Technorati
|
Have you done an ldap bind? If so are you authenticating against the same server where the password change is made? |
|
|
|
| Cindy | Jun 8 2009, 08:10 AM Post #3 |
|
Super Member
|
It has always taken several minutes to migrate through our network. And yes, we do use the LDAP bind. Whenever we have to do this, we simply let the users know to wait 15 min...that's just our standard "rule" now. |
|
|
|
| hremail11 | Jun 8 2009, 01:06 PM Post #4 |
|
Member
|
Sigh. Okay, thanks! :) |
|
|
|
| atsekhan | Jul 10 2009, 10:40 AM Post #5 |
Newbie
|
Yes, you're correct. The ADMIN changes indeed take a few minutes (changes done via LSA). I have a good news for you though - I do know what the issue is and how to solve it. The password change done by the user (not in LSA, via Portal) is instantaneous, without any delays. However, those routines require old password. My solution to that was as follows: 1. Write a routine that decrypts old password out of Tivoli/ADAM 2. Put a bookmark for admins that calls a CGI program that gets old password and uses it to change the password of a user From portal point of view internally it looks like a user changed his/her own password, even though the change is done by an admin person. Of course, admins will need to be trained to use that bookmark to change password instead of the LSA. The change is secure as decryption etc happens on the server and old password never goes across the network. Note also that with the BINDed installation the change is, actually, instantaneous. It depends not on Lawson, but on the speed of object propagation inside LDAP. For example, if you use Active Directory, you will be much better mapping to a PDC or a Global Catalog Server than a BDC. |
|
|
|
| « Previous Topic · LSF 9.0 (NEW!!) · Next Topic » |
10:25 PM Jul 31
