Fuck teamcity. You locked my domainaccount 2 times already this week. Even when i used a accesskey it queried the AD.

  • 1
    I am not to surprised it checked with AD for the access key.

    The key is to avoid adding username and password but without a check the access key would keep working even after the domain account is closed which is very bad security practice.

    Sure it’s inconvenient when you (or some process) accidentally lock the account, but what if you have it locked due to leaked credentials or rouge coworker that trues to sabotage something after getting fired.

    Manually revoking keys is more work and will be forgotten from time to time.
  • 1
    @Voxera user existence and password verification can be one query, in my opinion it shouldnt.
Add Comment