[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Insufficient acces in some cases


Le 18/09/2018 à 22:23, Ervin Hegedüs a écrit :
>
> But then I don't understand, why comes this error only few users
> (total number of users is about 200 now, we know about 2-3
> affected user).
>
> Anyway, I thought it also what you wrote, and switched back to
> native LDAP (instead of LDAPS), and make a capture at LDAP side.
>
> There aren't any garbage in packets, all request contains
> absolutely normal lines... If you interesting about it, I can
> send you a cap file - but that contains sensitive datas, of
> course.
>
> I just can share some screenshots about the traffic, hope it
> seems that no other garbage:
>
> https://www.dropbox.com/sh/x8ol6cfc39zj7cp/AADCo3CgcHPQnvOre4hjuULpa


It would be be interesting to see how your OpenLDAP ACL are configured.
Are you sure that a user can modify userPassword and sambaNT/LM password
attributes?


-- 
Clément Oudot | Identity Solutions Manager

clement.oudot@worteks.com

Worteks | https://www.worteks.com