2017-12-14 10:01 UTC

View Issue Details Jump to Notes ]
IDProjectCategoryView StatusLast Update
0014160CentOS-7nss-pam-ldapdpublic2017-11-21 21:27
Reporterdavama 
PrioritynormalSeverityminorReproducibilityalways
StatusnewResolutionopen 
Platformx86_64OSCentOSOS Version7.4.1708
Product Version 
Target VersionFixed in Version 
Summary0014160: Openldap/nslcd authenticating multiple times
DescriptionI had posted this on centos forum here but no help :(
https://www.centos.org/forums/viewtopic.php?f=48&t=65041&hilit=authconfig

Basic background:
3 openldap servers with multimaster replication and ppolicy pwdMaxFailure: 6.
When i try to authenticate to the linux box nslcd authenticates to all 3 master servers which return 3 failures, which give you 3 pwdFailureTime attributes for the account. So after typing the password incorrectly twice, the user get's locked out.

Please see the link for details

Currently nss-pam-ldapd is on version 0.8.13. Any change to apply the patch to the next centos nss-pam-ldapd release?

Thank you,
-dave
Steps To Reproduce* configure nslcd with 3 ldap servers
* failing authentication causes 3 pwdFailureTime attributes to appear
* after the second failure, openldap locks the user account
Additional InformationI had reported this to nss-pam-ldapd mailing list and this was the response:
https://lists.arthurdejong.org/nss-pam-ldapd-users/2017/msg00110.html

The commit he mentions is here:
https://arthurdejong.org/git/nss-pam-ldapd/commit/?id=d8ad7b127363d6d73ab1de6796886fda5eb07054

TagsNo tags attached.
abrt_hash
URL
Attached Files

-Relationships
+Relationships

-Notes
There are no notes attached to this issue.
+Notes

-Issue History
Date Modified Username Field Change
2017-11-21 21:27 davama New Issue
+Issue History