Windows group account setup with LDAP

We currently have Authenticate Active Directory Users via LDAP turned on and Auth type is Kerberos using SSL.
We are adding the Windows group account under add windows account.

Specify credentials to access Active Directory or Local Domain

We type on service account example service.solarwinds.ldap and our password

We select the OU group to allow the users.

My question is if we change the Service.solarwinds.ldap account password in 60 days do we have to remove and re-add the groups for the authentication to keep working? If we do not have to can someone explain why the new password does not have to be entered anywhere?

I tried looking up this but could find anything related to this question. I figured the password is stored when the AD group is added with the LDAP account but I'm probably wrong lol

Find more posts tagged with

ldap

ldap authentication

windows groups

Accepted answers

All comments

christopher.t.jones123

@mjalden1, you do not have to remove and re-add the groups. The reason is that you are only entering that Service account so that you can query AD to find the group to add and validate it is an existing group. Subsequent authentication requests do not rely on that service account, at that point it is just passing the provided credentials (the user attempting to log in) and querying directly using that credentials permissions to authenticate.