RSS feed

Re: Fwd: Openldap/authconfig authenticating multiple times

[Date Prev][Date Next] [Thread Prev][Thread Next]

Re: Fwd: Openldap/authconfig authenticating multiple times

On Tue, 2017-11-21 at 15:33 -0500, Dave Macias wrote:
> Basic background:
> 3 openldap servers with multimaster replication and
> ppolicy pwdMaxFailure: 6.
> When i try to authenticate to the linux box nslcd authenticates to
> all 3 master servers which return 3 failures, which give you
> 3 pwdFailureTime attributes for the account. So after typing the
> password incorrectly twice, the user get's locked out.

This should be fixed in nss-pam-ldapd 0.9.8. The problem was that LDAP
failures generally would trigger a fail-over and retry to a second LDAP
server. This also happened for authentication failures.

The relevant change is here:

I don't think I have a workaround for this (apart from applying the

Kind regards,

-- arthur - - --
To unsubscribe send an email to or see