Certain IT users need access to log in to a nonproduction environment as any arbitrary user.
We use LDAP authentication against Active Directory for all our environments. By resetting the user's database password, though, we can allow the system to fail LDAP authentication, then pass database authentication.
Under certain circumstances I have yet to fully understand, sometimes logging in as a user this way causes their AD account to get locked. Even after we log out of IFS as that user, the system still attempts AD authentication repeatedly.
When this happens, the only solution I have yet discovered is to restart the middleware.
Is this preventable?
When it happens, is there a less severe solution than restarting the middleware?
