Deliver Awesome UI with the most complete toolboxes for .NET, Web and Mobile development
Automate UI, load and performance testing for web, desktop and mobile
A complete cloud platform for an app or your entire digital business
Detect and predict anomalies by automating machine learning to achieve higher asset uptime and maximized yield
Automate decision processes with a no-code business rules engine
Optimize data integration with high-performance connectivity
Connect to any cloud or on-premises data source using a standard interface
Build engaging multi-channel web and digital experiences with intuitive web content management
Personalize and optimize the customer experience across digital touchpoints
Build, protect and deploy apps across any platform and mobile device
Rapidly develop, manage and deploy business apps, delivered as SaaS in the cloud
I will provide you with this information in a few hours.
Please excuse me for the delay.
I investigated the issue further and here's what I found out:
Ldap users are handled in out LdapMembership provider, which is read-only - you can't change any properties of the users through it. It simply pulls users from your AD. The password of the user is not stored anywhere, nor it can be changed from somewhere in Sitefinity. On your question - what is the functionality of the Reset password button, I would say - it doesn't work for Ldap users, because we don't store the password anywhere (as mentioned before). Furthermore, the ChangePassword method of the provider is configured to raise a NotSupportedException.
What happens when the users logs in is that ValidateUser method is called, then the AuthenticateUser method of Ldapfacade. What happens is that A Network connection is opened and the Ldap credentials are passed to it. If the credentials are not correct, a connection can't be established. Then the code goes to some generic system classes. User credentials are not cached on Sitefinity level. Possible reasons for what you experience is authentication cookies, that weren't deleted, because you changed the password of the user, while he was logged in to the server. Another possible reason is if you're using an Ldap forest, the password that you changed may not have been updated on all nodes and when you tried to log in with the old password again, you were redirected to a node, where the new password still hasn't been applied. These are just possible reasons for the behavior. In short, we don't have mechanism in Sitefinity that stores the user credentials of caches them.
Hope you find this information useful!