RSS feed

Re: R: pwdReset problem in CentOS 7

[Date Prev][Date Next] [Thread Prev][Thread Next]

Re: R: pwdReset problem in CentOS 7

On 1/9/19 10:11 PM, Arthur de Jong wrote:
On Mon, 2019-01-07 at 12:15 +0100, wrote:
 From your logs:
nslcd: [e45d32] <authc="lux"> DEBUG: 
myldap_search(base="uid=lux,ou=Tecnici,ou=People,dc=test,dc=it", filter="(objectClass=*)")
nslcd: [e45d32] <authc="lux"> ldap_result() failed: Insufficient
access: Operations are restricted to
bind/unbind/abandon/StartTLS/modify password >
The problem here may be that the policy does not provide any grace
logins left but I'm not 100% sure.

With grace logins no more search operations by this user are allowed and the diagnostic message returned by OpenLDAP seems to be pretty clear on that.

So nslcd has to use the privileged connection specified with rootpwmoddn/rootpwmodpw to search for the user in this case.

Ciao, Michael.
To unsubscribe send an email to or see