Web cache domain accounts

Vote:
 
After upgrading to 4.61, our external web caches domain accounts. All users have two accounts, one is like "user" and the other "domain\user". This is strange because the LDAP-settings in web.config are completly blank and the website is running forms authentication with anonymous access only. How do i stop this behavior?
#17593
Mar 25, 2008 19:33
Vote:
 
The domain accounts are only created if a user can log-in successfully with her windows username and password. Are you sure _all_ of your user accounts are duplicated this way, or could it be that users try to log-on with their windows account first, which have no access rights (but can log-in never the less), and then use their EPiServer account? If this happens behind the covers, it is indeed strange. The LDAP settings have nothing to do with this, the Windows authentication handler is enabled by default, and is the one responsible for creating those domain\user accounts. See the configurable authentication chain technote for an example web.config section where you can disable the windows authentication handler (should not be neccessary though.) Note that you cannot log in using the Administrator account if you disable this in the web.config. /Steve
#18439
Mar 25, 2008 19:43
Vote:
 
The real issue is that if i create a user, we can call him user1, and login using the login form i can see the users SID is set to a unique number. Then i create the same user in the domain, hit back to the web, login using the form and all the sudden i have i different SID. This mess things up when you use the User-property... I will read the technote to see if i can solve this issue.
#18440
Mar 25, 2008 19:43
Vote:
 
Problem solved. Removing the WindowsAuthenticationProvider was all i needed. Thank you Steve!
#18441
Mar 25, 2008 19:43
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.