From 10cfe39ccb3d5f23a93f173fad748978c74b8426 Mon Sep 17 00:00:00 2001 From: gerardma77 <115136373+gerardma77@users.noreply.github.com> Date: Thu, 19 Sep 2024 18:44:00 +0000 Subject: [PATCH] backport of commit 2e6944d93eac05698c996921bf17a4faf21cfd7b --- website/content/docs/secrets/ldap.mdx | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/website/content/docs/secrets/ldap.mdx b/website/content/docs/secrets/ldap.mdx index 5ac9b4aa9042..114d513fdb9e 100644 --- a/website/content/docs/secrets/ldap.mdx +++ b/website/content/docs/secrets/ldap.mdx @@ -199,6 +199,18 @@ Some important things to remember when crafting your LDIF entries: ### Active directory (AD) + + + Windows Servers hosting Active Directory include a + `lifetime period of an old password` configuration setting that lets clients + authenticate with old passwords for a specified amount of time. + + For more information, refer to the + [NTLM network authentication behavior](https://learn.microsoft.com/en-us/troubleshoot/windows-server/windows-security new-setting-modifies-ntlm-network-authentication) + guide by Microsoft. + + + For Active Directory, there are a few additional details that are important to remember: To create a user programmatically in AD, you first `add` a user object and then `modify` that user to provide a
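Review bot: the link target in the added Active Directory note reads `.../windows-server/windows-security new-setting-modifies-ntlm-network-authentication`, with a space where a `/` path separator would be expected, so the Markdown link will not resolve as written. Replace the space with `/` after checking the path against the Microsoft page. The added text also stops at saying that clients can authenticate with old passwords "for a specified amount of time". Because this is the LDAP secrets engine page, it would help to state the consequence for operators in one sentence: a password that has just been changed may still be accepted by AD until that period elapses, so a change of password does not immediately invalidate the previous one.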