it's a RedHat DS and the password is valid because I just reset by email and it's set up fine, I can check it if I reset it again from the LDAP Tool but with the old password and type the new one. However, the problem is when I tried to login to some server.
2017-10-18 14:47 GMT+01:00 Clément OUDOT <[email protected] >: > > > Le 18/10/2017 à 14:34, Miguel Angel Gonzalez a écrit : > >> Logs from the server: >> >> Oct 18 12:03:16 ie1auth-2809b0 sshd[4482]: pam_unix(sshd:auth): >> authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=server >> user=migueltest >> Oct 18 12:03:16 ie1auth-2809b0 sshd[4482]: pam_ldap: error trying to bind >> as user "uid=migueltest,ou=People,dc=server" (Invalid credentials) >> Oct 18 12:03:18 ie1auth-2809b0 sshd[4482]: Failed password for migueltest >> from 10.40.10.144 port 36498 ssh2 >> Oct 18 12:03:24 ie1auth-2809b0 sshd[4482]: Connection closed by >> 10.40.10.144 >> Oct 18 12:03:27 ie1auth-2809b0 sshd[4531]: pam_unix(sshd:auth): >> authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=server >> user=migueltest >> Oct 18 12:03:27 ie1auth-2809b0 sshd[4531]: pam_ldap: error trying to bind >> as user "uid=migueltest,ou=People,dc=server" (Invalid credentials) >> Oct 18 12:03:29 ie1auth-2809b0 sshd[4531]: Failed password for migueltest >> from 10.40.10.144 port 36500 ssh2 >> >> > Seems the password is invalid, but we don't know in this log if this is > because it is expired. > > The only difference as I can see with other LDAP where it works. it's with >> the nsPwPolicyEntry, where it's enabled the option: passwordmustchange, I >> disabled it, but it's the same result >> >> > Seems you are not using OpenLDAP but SUN or RedHat DS. I don't know well > how password policy is managed by these directories. > > > -- > Clément OUDOT > Consultant en logiciels libres, Expert infrastructure et sécurité > Savoir-faire Linux > 137 boulevard de Magenta - 75010 PARIS > Blog: http://sflx.ca/coudot > > _______________________________________________ > ltb-users mailing list > [email protected] > https://lists.ltb-project.org/cgi-bin/mailman/listinfo/ltb-users >
_______________________________________________ ltb-users mailing list [email protected] https://lists.ltb-project.org/cgi-bin/mailman/listinfo/ltb-users
