Needed to add a new user “immediately” to have access to a site. No it was needed immediately, but lack of planning on someone’s part made it appear to be immediate. So I added to the AD group and went home.
…. 15 minutes later I get a call that they still can’t access the site, so double checked that I put the user in the correct AD group. Well I did but when I went to permissions for the site and tested the user permission it didn’t show up.
So a quick search revealed that when using Claims based Authentication there is a default property setting called token-timeout and it is set for 1440 minutes (24 hours)
To View and change this do the following:
stsadm -o getproperty -propertyname token-timeout
This will get your default setting
stsadm -o setproperty -propertyname token-timeout -propertyvalue
I ran this on my app server