Le 18/09/2018 à 22:23, Ervin Hegedüs a écrit :
>
> But then I don't understand, why comes this error only few users
> (total number of users is about 200 now, we know about 2-3
> affected user).
>
> Anyway, I thought it also what you wrote, and switched back to
> native LDAP (instead of LDAPS), and make a capture at LDAP side.
>
> There aren't any garbage in packets, all request contains
> absolutely normal lines... If you interesting about it, I can
> send you a cap file - but that contains sensitive datas, of
> course.
>
> I just can share some screenshots about the traffic, hope it
> seems that no other garbage:
>
> https://www.dropbox.com/sh/x8ol6cfc39zj7cp/AADCo3CgcHPQnvOre4hjuULpa
It would be be interesting to see how your OpenLDAP ACL are configured.
Are you sure that a user can modify userPassword and sambaNT/LM password
attributes?
--
Clément Oudot | Identity Solutions Manager
[email protected]
Worteks | https://www.worteks.com
