2

We are using SQL Server 2005 on Windows Server 2008 with Windows Authentication where access is granted to members of a specific domain group. Clients are VB6/ADO applications that connect via an ODBC System DSN.

I noticed recently that users are being granted access to SQL Server despite their password having expired. For example, if a user's password expires at midday on a given work-day they are rightly allowed to login to their machine first thing in the morning but if they attempt to login to SQL Server (by running the client application) in the afternoon I would expect SQL Server to reject the connection. This is not what we're seeing in practise though, the connection is still being allowed. Other services such as Exchange reject connections under the same circumstances.

Is SQL Server caching credentials? Is there a way to force SQL Server to check for password expiration? Why would SQL Server behave differently than, for example, Exchange?

asked Sep 23, 2015 at 15:32
1
  • 2
    Yes, interactive users can use cached credentials (see some background here). I don't know if there is any exposed way to change this behavior. Commented Sep 23, 2015 at 16:10

0

Know someone who can answer? Share a link to this question via email, Twitter, or Facebook.

Your Answer

Draft saved
Draft discarded

Sign up or log in

Sign up using Google
Sign up using Email and Password

Post as a guest

Required, but never shown

Post as a guest

Required, but never shown

By clicking "Post Your Answer", you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.