Sorry if this is a duplicate for some of you, I have posted this in the
ngw list serv and here.

We are running GroupWise 8 SP 1. The post office used in this case is
running on NetWare 6.5 SP 8. The post office is configured to access
via LDAP using a BIND method.

I have a couple of users that we changed the passwords for on Friday to
intentionally keep them from accessing either the network or GroupWise.
However, for some reason, they were able to access GroupWise via
WebAccess using the old password. One was on Sunday and one was this
morning. After the password was changed on Friday, the account was
logged into using the new password so we know the password did change.

Below is the log file from Sunday afternoon when one of the logged in.
I know it was successful because of the purge record. How is it
possible for someone to log into GroupWise via WebAccess with a password
that is no longer valid.

14:43:35 5D6 C/S Login WebAccess ::GW Id=user :: x.x.x.x [x.x.x.x]
14:43:35 5D6 Initializing LDAP session with x.x.x.x at port 389 (user)
14:43:35 5D6 Processing update: settings (bag) record (user)
14:43:35 5D6 Processing update: send options settings record (user)
14:43:53 5D6 Processing update: item record (user)
14:43:53 5D6 Processing update: item record (user)
14:43:53 5D6 Purge Execution Record (user)

As you can imagine, this is really important for me to figure out and
answer because of obvious security implications.