RSS feed

Re: CentOS 7 : ldap authentication failed

[Date Prev][Date Next] [Thread Prev][Thread Next]

Re: CentOS 7 : ldap authentication failed

On Mon, 26 Jan, 2015 at 3:53 , Frédéric Marchal <> wrote:

We are building our first CentOS 7 server.

Your LDAP server, or your server that should use nslcd to authenticate?

We don't understand why after successfully binding to ldap, nslcd does a new request for the dn with a wrong base dn (uid=username has been added to the ldap base dn).

The first bind is to confirm the existence of the user, and to check that the user is valid (right objectClass, etc.)

The second bind is to test the password.

It's adding uid=username because that's your username.

nslcd: [7b23c6] <shadow="username"> DEBUG: myldap_search(base="ou=people,dc=companyname,dc=com", filter="(&(objectClass=shadowAccount)(uid=username))")

nslcd client does a search for users with 'uid=username'

nslcd: [7b23c6] <shadow="username"> DEBUG: ldap_result(): uid=username,ou=people,dc=companyname,dc=com

LDAP server responds with 'uid=username' can be found in 'uid=username,ou=people,dc=companyname,dc=com'

It sounds like you think the LDAP server would have responded with something else.

nslcd: [3c9869] <authc="username"> DEBUG: ldap_simple_bind_s("uid=username,ou=people,dc=companyname,dc=com","***") (uri="ldaps://LDAPSERVER1")

Let's try the password...

To unsubscribe send an email to or see