Adding AD lifetime period of an old password note to Vault LDAP secre…

…ts Engine Documentation. (#28428) * adding_OldPasswordAllowedPeriod_waring * Updated note for AD passwords * Update website/content/docs/secrets/ldap.mdx Co-authored-by: Sarah Chavis <[email protected]> --------- Co-authored-by: Equus quagga <[email protected]> Co-authored-by: Sarah Chavis <[email protected]>
hashicorp · Sep 19, 2024 · 2e6944d · 2e6944d
1 parent 343cc88
commit 2e6944d
Showing 1 changed file with 12 additions and 0 deletions.
diff --git a/website/content/docs/secrets/ldap.mdx b/website/content/docs/secrets/ldap.mdx
@@ -199,6 +199,18 @@ Some important things to remember when crafting your LDIF entries:
 
 ### Active directory (AD)
 
+<Note> 
+
+  Windows Servers hosting Active Directory include a 
+  `lifetime period of an old password` configuration setting that lets clients
+  authenticate with old passwords for a specified amount of time.
+
+  For more information, refer to the
+ [NTLM network authentication behavior](https://learn.microsoft.com/en-us/troubleshoot/windows-server/windows-security new-setting-modifies-ntlm-network-authentication)
+  guide by Microsoft.
+
+</Note>
+
 For Active Directory, there are a few additional details that are important to remember:
 
 To create a user programmatically in AD, you first `add` a user object and then `modify` that user to provide a