Share via

Active Directory User Session Expires After Changing Password

Jervic Andres 40 Reputation points
2024-03-06T09:26:39.4733333+00:00

Good day,

We have a SharePoint site that has a customized web part for changing a user password. The accounts are from Active Directory. The web part is added to a page and allows user to change their password. But every time a user change their password, their session expires and prompts a login. Users are unable to see the Success message unless they log in again using the new password. What is the reason behind this? Is this a normal behavior?

This is the code I used to change the AD user password:

PrincipalContext _context = null;
//Get context en user object
                _context = new PrincipalContext(ContextType.Domain,
                    Domain,
                    SearchString,
                    AdminUser,
                    AdminPass
                    );
                UserPrincipal user = UserPrincipal.FindByIdentity(_context, username);
                //User does not exist
                if (user == null)
                {
                    lblError.Text = "Username and/or password incorrect. Password was not changed.";
                    return;
                }
                //Check if password is expired
                bool isOldPassValid = false;
                DateTime? PasswordExpDate;
                if (user.LastPasswordSet != null)
                    PasswordExpDate = ((DateTime)user.LastPasswordSet).AddDays(int.Parse(PasswordExpiresInDays));
                else
                    PasswordExpDate = new DateTime(1970, 01, 01);
                if ((user.LastPasswordSet == null || PasswordExpDate < DateTime.UtcNow) && !user.PasswordNeverExpires)
                {
                    //Temporarly unexpire password and check credentials
                    user.RefreshExpiredPassword();
                    isOldPassValid = _context.ValidateCredentials(user.SamAccountName, oldPass);
                }
                else
                    isOldPassValid = _context.ValidateCredentials(user.SamAccountName, oldPass);
                //Old password not correct
                if (!isOldPassValid)
                {
                    lblError.Text = "Username and/or old password incorrect";
                    return;
                }
                //Everything OK, change pass
                user.SetPassword(newPass1);
                user.Save();
                lblSuccess.Text = "Your password has been changed successfully. Please close your browser and log in using your new password.";
Windows for business | Windows Client for IT Pros | Directory services | Active Directory
Microsoft 365 and Office | SharePoint | For business | Windows
0 comments
Accepted answer
  1. RaytheonXie_MSFT 40,471 Reputation points Microsoft External Staff
    2024-03-07T08:07:18.9333333+00:00

    Hi @Jervic Andres,

    This should be expected behavior. Once you changed the user's password, you will need to relogin the site. The Session will be available after the user relogin. You could refer to following document

    https://learn.microsoft.com/en-us/microsoft-365/enterprise/session-timeouts?view=o365-worldwide

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.