Re: CentOS 7 : ldap authentication failed

[Date Prev][Date Next] [Thread Prev][Thread Next]

From: Otavio Campos Velho Gloria <og [at] e-trust.com.br>
To: nss-pam-ldapd-users [at] lists.arthurdejong.org
Subject: Re: CentOS 7 : ldap authentication failed
Date: Mon, 26 Jan 2015 15:22:20 -0200

Hi,

Cloud you send your configuration of nslcd.conf file?
Perhaps something is missing.

On 26/01/2015 13:04, Berend De Schouwer wrote:

On Mon, 26 Jan, 2015 at 3:53 , Frédéric Marchal marchal.frederic [at] gmail.com wrote:

Hi,

We are building our first CentOS 7 server.

Your LDAP server, or your server that should use nslcd to authenticate?

We don't understand why after successfully binding to ldap, nslcd does a new request for the dn with a wrong base dn (uid=username has been added to the ldap base dn).

The first bind is to confirm the existence of the user, and to check that the user is valid (right objectClass, etc.)

The second bind is to test the password.

It's adding uid=username because that's your username.

nslcd: [7b23c6] <shadow="username"> DEBUG: myldap_search(base="ou=people,dc=companyname,dc=com", filter="(&(objectClass=shadowAccount)(uid=username))")

nslcd client does a search for users with 'uid=username'

nslcd: [7b23c6] <shadow="username"> DEBUG: ldap_result(): uid=username,ou=people,dc=companyname,dc=com

LDAP server responds with 'uid=username' can be found in 'uid=username,ou=people,dc=companyname,dc=com'

It sounds like you think the LDAP server would have responded with something else.

nslcd: [3c9869] <authc="username"> DEBUG: ldap_simple_bind_s("uid=username,ou=people,dc=companyname,dc=com","***") (uri="ldaps://LDAPSERVER1")

Let's try the password...

Otávio Campos Velho Gloria
www.e-trust.com.br
Porto Alegre: +55 (51) 2117-1000
São Paulo: +55 (11) 5521-2021
USA: +1-888-259-5801

Esta mensagem pode conter informações confidenciais ou privilegiadas. Se você recebeu esta mensagem por engano, você não deve usar, copiar, divulgar ou tomar qualquer atitude com base nestas informações. Solicitamos que você apague a mensagem imediatamente e avise a E-TRUST, enviando um e-mail para suporte [at] e-trust.com.br. Opiniões, conclusões ou informações contidas nesta mensagem não necessariamente refletem a posição oficial da E-TRUST. Caso assinada digitalmente, a autenticidade desta mensagem pode ser confirmada pela Autoridade Certificadora Privada E-TRUST, disponível em www.e-trust.com.br.

This message may contain privileged and confidential information for the use of the intended recipients only. If you are not an intended recipient then you should not disseminate, copy, or take any action based on its contents. If you have received this message in error then please notify E-TRUST by sending an e-mail message to suporte [at] e-trust.com.br immediately. Views and opinions expressed in this message do not necessarily reflect the position of E-TRUST. If this message is digitally signed, its authenticity can be confirmed by E-TRUST Private Certificate Authority, available at www.e-trust.com.br.

Attachment: smime.p7s
Description: Assinatura criptográfica S/MIME

-- 
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-users/

CentOS 7 : ldap authentication failed, Frédéric Marchal
- Re: CentOS 7 : ldap authentication failed, Berend De Schouwer
  - Re: CentOS 7 : ldap authentication failed, Otavio Campos Velho Gloria
  - Message not available
    - Fwd: CentOS 7 : ldap authentication failed, Frédéric Marchal
      - Re: Fwd: CentOS 7 : ldap authentication failed, Arthur de Jong
        
        Re: Fwd: CentOS 7 : ldap authentication failed, Frédéric Marchal

Prev by Date: Re: CentOS 7 : ldap authentication failed
Next by Date: Fwd: CentOS 7 : ldap authentication failed
Previous by thread: Re: CentOS 7 : ldap authentication failed
Next by thread: Fwd: CentOS 7 : ldap authentication failed