Re: openldap stopped authenticating



--On Tuesday, November 27, 2018 5:59 PM +0000 "Lang, Adam" <Adam.Lang@ecolane.com> wrote:

Hello,

I woke up to an issue today where SSH access to our servers no longer
works due to issues with LDAP authentication.  Oddly, ldapsearch with
admin credentials interacts with the LDAP server fine. If I check for
ldapusers using getent passwd, none are returned.

The slapd auditlog records the failed attempts.

When trying to su as an ldap user, it returns "no passwd entry".

Nothing "should" have changed overnight, so any ideas of where to
look will be appreciated.

Hopefully you have the "stats" log level enabled, and can see what sort of search is being performed and/or any errors that arise. Additionally, I will assume you've attempted using the same credentials as the client(s) are using to perform those same searches from the command line, along with then testing those searches as the admin user to see what differences (if any) there are in the results, etc.

If you use TLS, I will assume you've confirmed that all certificates are valid (i.e., haven't expired), etc.

--Quanah


--

Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>
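
Added example, not part of the original messages and not Symas or OpenLDAP project code: a small parser that pairs each BIND and SRCH request in slapd "stats"-level log output with its RESULT line, and reports failed binds and searches that return no entries together with the identity they ran as. The log lines, DNs and addresses are constructed samples, and the line layout is assumed to be the usual slapd stats format.

```python
import re

# Constructed slapd log lines at the "stats" level (not taken from the thread).
SAMPLE_LOG = '''\
slapd[911]: conn=1001 fd=14 ACCEPT from IP=192.0.2.10:40112 (IP=0.0.0.0:389)
slapd[911]: conn=1001 op=0 BIND dn="cn=nssproxy,dc=example,dc=com" method=128
slapd[911]: conn=1001 op=0 RESULT tag=97 err=49 text=
slapd[911]: conn=1002 op=0 SRCH base="dc=example,dc=com" scope=2 deref=0 filter="(uid=alice)"
slapd[911]: conn=1002 op=0 SEARCH RESULT tag=101 err=0 nentries=0 text=
slapd[911]: conn=1003 op=0 BIND dn="cn=admin,dc=example,dc=com" method=128
slapd[911]: conn=1003 op=0 BIND dn="cn=admin,dc=example,dc=com" mech=SIMPLE ssf=0
slapd[911]: conn=1003 op=0 RESULT tag=97 err=0 text=
slapd[911]: conn=1003 op=1 SRCH base="dc=example,dc=com" scope=2 deref=0 filter="(uid=alice)"
slapd[911]: conn=1003 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
'''

OP = re.compile(r'conn=(\d+) op=(\d+) (BIND|SRCH|SEARCH RESULT|RESULT) (.*)')
KV = re.compile(r'(\w+)=("[^"]*"|\S*)')

def analyze(log_text):
    """Pair each BIND/SRCH request with its RESULT and report failures."""
    bound, pending, findings = {}, {}, []
    for line in log_text.splitlines():
        m = OP.search(line)
        if not m:
            continue  # ACCEPT, closed, and other non-operation lines
        conn, op, kind, rest = m.groups()
        f = {k: v.strip('"') for k, v in KV.findall(rest)}
        key = (conn, op)
        if kind == "BIND" and "method" in f:      # request line, not the mech= echo
            pending[key] = ("BIND", f["dn"] or "anonymous")
        elif kind == "SRCH" and "base" in f:      # request line, not "SRCH attr=..."
            pending[key] = ("SRCH", f["filter"])
        elif "RESULT" in kind and key in pending:
            req, detail = pending.pop(key)
            err = int(f["err"])
            if req == "BIND" and err == 0:
                bound[conn] = detail              # remember who this connection is
            elif req == "BIND":                   # err=49 is invalidCredentials
                findings.append((conn, "bind_failed", detail, f"err={err}"))
            elif err != 0 or f.get("nentries") == "0":
                who = bound.get(conn, "anonymous")
                findings.append((conn, "search_empty_or_error", who,
                                 f"err={err} filter={detail}"))
    return findings

if __name__ == "__main__":
    for finding in analyze(SAMPLE_LOG):
        print(*finding, sep=" | ")
```

On the sample, the client's bind fails and the same filter returns nothing anonymously but one entry as the admin DN, which is the client-versus-admin difference the reply suggests looking for.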