I've noticed before that after changing my password my phone continues to function for receiving and sending email under my old password. It would always eventually prompt me to put in the new password but I thought this was strange. I never really looked into it but I assumed it was running off an existing connection or security token. Yesterday, a user account was disabled in AD. Eventually we were forwarded a msg. showing the user still sending emails to dept. members via their iPhone. I've tested this out today and a disabled active directory account can still send/receive email for quite some time. It seems like this shouldn't be allowed but if it's a cached token or credential then I'm sure a time-out setting is available. What controls this and how can I modify it? Our environment is AD based with front-end/back-end E2k3 SP2 servers.

Hi-Take a look at these links:http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/6b2e7fcd-5fad-4ac8-ac0a-dcfbe771e9e1.mspx?mfr=truehttp://support.microsoft.com/kb/267568Active Directory, 4th Edition - www.briandesmond.com/ad4/

Thanks, Brian. I marked this as the answer although it seems like it was a much longer time than the default 15 minutes. I'll try adding this registry key with short time limit.