[Ltb-users] self-service-password authentication problems

Clément OUDOT clem.oudot at gmail.com
Mon Sep 2 09:28:24 CEST 2013


2013/8/30 Dirk Försterling <df at edelknorz.de>

> Clément OUDOT schrieb:
> >
> >
> >
> > 2013/8/30 Dirk Försterling <df at edelknorz.de <mailto:df at edelknorz.de>>
> >
> >     Hello,
> >
> >     I recently encountered the same symptomps Tian Zhiying encountered in
> >     February. See:
> >
> http://lists.ltb-project.org/pipermail/ltb-users/2013-February/000288.html
> >
> >     He managed to solve the problem by changing LDAP rights. In my case,
> >     however, the LDAP server just reports an anonyumous bind and
> >     refuses to process the password change for the (non-anonymous) user.
> >
> >     this happened with version 0.8 (from RPM) on RHEL 6. The solution
> that
> >     worked for me was to downgrade to 0.6 (with unchanged configuration).
> >
> >     What could be the reason why 0.8 does not authenticate to the LDAP
> >     server properly where 0.6 does?
> >
> >
> > Some changes have been done on the configuration (array for password
> > policy attributes for example).
> >
> > Could you send your configuration and some logs?
> >
> > Clément.
>
> Attached is the config.inc.php (anonymized) that works with 0.6 but not
> with 0.8.
>
> If I am reading the migration notes for 0.7 and 0.8 correctly,
> the config should work without modification, if I don't want the new
> features.
>
> In the apache Log, there are only messages like this:
>
> [Fri Aug 29 08:12:21 2013] [error] [client 192.168.160.111] LDAP -
> Modify password error 50 (Insufficient access)
>
> Unfortunately I cannot send any logs from the LDAP server. The LDAP
> admin is out of reach and just told me there are anonymous BINDs before
> the password change attempt (when using 0.8).
>
>

In your config there is:

$ldap_binddn = "";
$ldap_bindpw = "";


Is it normal?

Clément.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ltb-project.org/pipermail/ltb-users/attachments/20130902/b69af68b/attachment.htm>


More information about the ltb-users mailing list