RSS feed

Re: Maybe schema ppolicy problem, old openldap

[Date Prev][Date Next] [Thread Prev][Thread Next]

Re: Maybe schema ppolicy problem, old openldap

On Thu, 24 Mar 2016, Берденников Александр wrote:
nslcd -d on client shows
nslcd: [94b2fb] <authc="berdennikov"> DEBUG: ldap_result(): end of results (0 
nslcd: [94b2fb] <authc="berdennikov"> > 
uid=berdennikov,ou=IT,ou=Departments,,ou=Domains,ou=Users,dc=promodev,dc=ru: No results 

The problem is probably that the user cannot search for its own entry in LDAP. As an extra check nslcd performs a check to see if the search for its own returns a result. The reason for this is that some LDAP servers seem to semi-silently fall back to an anonymous BIND if the authenticated BIND fails.

Some work is ongoing to see if a better solution for this can be found.

The unrecognized control message can be safely ignored and should not be related to this issue. If you want to be sure of this you will have to downgrade to a 0.8 version of nslcd which does not request password policy information on BIND.

Hope this helps,

-- arthur - - --
To unsubscribe send an email to or see