lists.arthurdejong.org
RSS feed

Re: Help required regarding nss-pam-ldap

[Date Prev][Date Next] [Thread Prev][Thread Next]

Re: Help required regarding nss-pam-ldap



On Mon, 12 Jun 2017, Thejaswi Manjunatha wrote:
Later I noticed the user on the LDAP server did not had read permission on his own record. When checked with history this behavior used to work with open-ldap client. Kindly help me to understand was it done with any intention or is it just my misconception. Any help here is very much appreciated. 
Currently nslcd performs a search after a BIND operation to the LDAP 
server to validate that the authentication was successful. Some work was 
done on making this configurable but this was not finished yet.
The reason for the search after BIND is that some LDAP servers have been 
known to not return an error condition in certain situations if the 
authentication failed. I think this was mostly the case when using an 
empty password.
--
-- Arthur - arthur@arthurdejong.org - http://arthurdejong.org/ --
-- 
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
https://lists.arthurdejong.org/nss-pam-ldapd-users/