Re: problem with passwd over pam_ldap

[Date Prev][Date Next] [Thread Prev][Thread Next]

From: Arthur de Jong <arthur [at] arthurdejong.org>
To: Martin Gröger <mgroeger1 [at] web.de>, nss-pam-ldapd-users [at] lists.arthurdejong.org
Subject: Re: problem with passwd over pam_ldap
Date: Sun, 14 Jul 2019 14:44:55 +0200

Hi,

Thanks for the detailed report.

On Thu, 2019-07-11 at 20:04 +0200, Martin Gröger wrote:
> There is first an passwdModifyOID request visible, which does not
> contain the old password. In fact this LDAP access is successful, the
> extendedResponse contains rc=0, and the password is changed on the
> LDAP server. Nevertheless the debug output from the nslcd process
> says that the access failed (with Decoding error).

This "Decoding error" response comes from the OpenLDAP client library.
The only difference I in Wireshark is that your LDAP server responds
with:

extendedResp
    resultCode: success (0)
    matchedDN: 
    errorMessage: 
    response: 3000

While my OpenLDAP server responds with:

extendedResp
    resultCode: success (0)
    matchedDN: 
    errorMessage: 

It appears that the OpenLDAP client library is confused by the 3000
response. I have no idea if this is a bug in the client library.

Thanks,

-- 
-- arthur - arthur@arthurdejong.org - https://arthurdejong.org/ --

problem with passwd over pam_ldap, Martin Gröger
- Re: problem with passwd over pam_ldap, Arthur de Jong

Prev by Date: problem with passwd over pam_ldap
Next by Date: Notification from LDAP Server
Previous by thread: problem with passwd over pam_ldap
Next by thread: Notification from LDAP Server