Re: Passwords on FreeBSD

[Date Prev][Date Next] [Thread Prev][Thread Next]

From: Arthur de Jong <arthur [at] arthurdejong.org>
To: Gerrit Kühn <gerrit.kuehn [at] aei.mpg.de>
Cc: nss-pam-ldapd-users [at] lists.arthurdejong.org
Subject: Re: Passwords on FreeBSD
Date: Wed, 25 May 2016 12:15:11 +0200 (CEST)

On Wed, 25 May 2016, Gerrit Kühn wrote:

However, everything requiring my to enter a password appears to failwith some error message like this:
---
May 25 11:04:28 nslcd[64168]: [d9b7c3] <authc="gekueh"> 
uid=gekueh,cn=users,dc=aei,dc=mpg,dc=de: lookup failed: Invalid credentials

This means that the LDAP authentication step failed. You can run nslcd indebug mode for more details but one relatively common thing is that afteran LDAP BIND operation (where the password is checked) nslcd performs asearch operation to check if the BIND operation actually succeeded. Thereare (were) some LDAP servers that in some cases don't give an error onBIND.

The easiest solution is for your LDAP server to allow your users to searchfor their own entry.

There was some work under way to add a configuration option to allowskipping this extra search but I've been quite busy with other stuff thelast few months so I'm afraid there is not much progress there.


Kind regards,

--
-- arthur - arthur@arthurdejong.org - http://arthurdejong.org/ --

-- 
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-users/

Passwords on FreeBSD, Gerrit Kühn
- Re: Passwords on FreeBSD, Arthur de Jong

Prev by Date: Passwords on FreeBSD
Next by Date: Re: Passwords on FreeBSD
Previous by thread: Passwords on FreeBSD
Next by thread: Re: Passwords on FreeBSD