Summary: | MS Active Directory 2000 SP3 always returns "user is not unique" after an erroneous login attempt | ||
---|---|---|---|
Product: | Apache httpd-2 | Reporter: | Laurent Blume <laurent> |
Component: | mod_ldap | Assignee: | Apache HTTPD Bugs Mailing List <bugs> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | ajaysqa084 |
Priority: | P3 | Keywords: | PatchAvailable |
Version: | 2.0.44 | ||
Target Milestone: | --- | ||
Hardware: | All | ||
OS: | All |
Description
Laurent Blume
2003-02-21 10:14:27 UTC
i have exactly the same problem with openldap 2.0.25, apache 2.0.44 and freebsd 4.7. the quick fix solved the problem for me. i agree that the problem seems to be that the module assumes that the session can be used for authentication attempts again, which is not be permitted by the ldap servers access control. I have the same problem, I'm using: httpd-2.0.44 against ms active directory (ms w2k) I'm going through the bug db to make sure patches are findable. Please see http://httpd.apache.org/dev/patches.html I have this problem in my production mandrake 9.2 server, and would love to just get a fixed binary - is this being fixed in the actual binaries, or will this just continue to be a sourcecode patch? Seeing this on Windows 200 SP4 Active Directory, using Apache HTTP Server 2.0.49 on Windows. When incorrect password is input, error log logs: [*date*] [warn] [client *ipaddress*] [832] auth_ldap authenticate: user *username* authentication failed; URI *uri* [ldap_simple_bind_s() to check user credentials failed][Invalid Credentials] Subsequent attempt to login with correct password cause this error in the logs: [*date] [warn] [client *ipaddress*] [832] auth_ldap authenticate: user *username* authentication failed; URI *uri* [User not found][No Such Object] Please try the patch at http://nagoya.apache.org/bugzilla/show_bug.cgi?id=27748 and tell me if it fixes this problem. This patch has been applied to v2.1.0-dev, and awaits backporting to v2.0.50-dev. I applied the patch to 2.0.49, built it with similar options. It now authenticates correctly against the AD server, even when entering invalid login/password combinations first. So it seems to fix the problem for me. Sweet, thanks :) Does 2.0.53 fix this problem??
I was using 2.0.47 and it has the same problem...
I couldnt change the source,
from:
< util_ldap_connection_close(ldc);
to
> util_ldap_connection_destroy(ldc);
It would give compile errors
thanks
Joshua
This was fixed in v2.0.51 - can you confirm whether this is still broken, and reopen if so? |