[CentOS] LDAP and expired passwords
Steve Thompson
smt at vgersoft.comFri Oct 31 20:32:10 UTC 2008
- Previous message: [CentOS] Picasa vs. native photo management apps
- Next message: [CentOS] LDAP and expired passwords
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
CentOS 5.2 with OpenLDAP 2.3.27, nss_ldap_253.13, using TLS, i686 and x86_64. If a user with an expired password (shadowLastChange + shadowMax < current day) logs in to a system where ldap.conf points first to a consumer-only LDAP server, the password change operation (exop) proceeds and fails with: LDAP password information update failed: Referral If I comment out "ssl start_tls", the referral to the master is followed and the password change operation succeeds. I've found references to problems with earlier releases of pam_ldap when referrals were not properly followed when using TLS, and these are supposed to be fixed; apparently not in my case. Can anyone hit me with the clue stick? Steve ---------------------------------------------------------------------------- Steve Thompson E-mail: smt AT vgersoft DOT com Voyager Software LLC Web: http://www DOT vgersoft DOT com 39 Smugglers Path VSW Support: support AT vgersoft DOT com Ithaca, NY 14850 "186,300 miles per second: it's not just a good idea, it's the law" ----------------------------------------------------------------------------
- Previous message: [CentOS] Picasa vs. native photo management apps
- Next message: [CentOS] LDAP and expired passwords
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list